3 matches found
CVE-2018-12335
CVE-2018-12335 affects ECOS System Management Appliance (SMA) 5.2.68. Root cause: improper access control allowing unrestricted database access during Easy Enrollment. Consequence: an attacker could compromise authentication keys and access/manipulate security-related configurations. Public detai...
CVE-2018-12338
ECOS SMA 5.2.68 is affected by an undocumented vendor backdoor that enables extraction of confidential information and manipulation of security configurations via remote root SSH access. The issue is described consistently across multiple records (NVD CVE-2018-12338 and related CNVD/PRION entries...
CVE-2018-12331
The CVE-2018-12331 entry concerns ECOS System Management Appliance (SMA) v5.2.68. Affected component: SMA authentication during Easy Enrollment. Root cause: authentication bypass via IP spoofing enabling a man-in-the-middle to access activation codes, passwords, and configurations. Documented imp...