EUVD-2020-29216

Malware in sbrugna...

CVE-2020-8349

An internal security review has identified an unauthenticated remote code execution vulnerability in Cloud Networking Operating System CNOS’ optional REST API management interface. This interface is disabled by default and not vulnerable unless enabled. When enabled, it is only vulnerable where...

CVE-2021-36308

Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system...

Remote code execution

An internal security review has identified an unauthenticated remote code execution vulnerability in Cloud Networking Operating System CNOS’ optional REST API management interface. This interface is disabled by default and not vulnerable unless enabled. When enabled, it is only vulnerable where...

Cloud Networking Operating System (CNOS) Vulnerability - Lenovo Support US

Lenovo Security Advisory: LEN-44423 Potential Impact: Remote code execution Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2020-8349 Summary Description: An internal security review has identified an unauthenticated remote code execution vulnerability in CNOS’ optional REST A...

CVE-2019-3710

Dell EMC Networking OS10 versions prior to 10.4.3 contain a cryptographic key vulnerability due to an underlying application using undocumented, pre-installed X.509v3 key/certificate pairs. An unauthenticated remote attacker with the knowledge of the default keys may potentially be able to...

Information disclosure

The Fibre Channel over Ethernet FCoE feature in IBM System Networking and Blade Network Technology BNT switches running IBM Networking Operating System aka NOS, formerly BLADE Operating System floods data frames with unknown MAC addresses out on all interfaces on the same VLAN, which might allow...

Cisco IOS XR netconf Denial of Service Vulnerability

Cisco IOS XR Software is the United States Cisco Cisco company's IOS software series including IOS T, IOS S and IOS XR in a fully modular, distributed network operating system. A resource management error vulnerability exists in the netconf interface in Cisco IOS XR Software that stems from the...

CVE-2017-3765

In Enterprise Networking Operating System ENOS in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as "HP Backdoor" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when...

CVE-2013-5385

The OSPF implementation in IBM i 6.1 and 7.1, in z/OS on zSeries servers, and in Networking Operating System aka NOS, formerly BLADE Operating System does not properly validate Link State Advertisement LSA type 1 packets before performing operations on the LSA database, which allows remote...