Lucene search
K
Versa-networksVersa Operating System

4 matches found

CVE
CVE
added 2021/05/26 6:45 p.m.55 views

CVE-2019-25030

CVE-2019-25030 affects Versa Director, Versa Analytics and VOS. Passwords were stored without an adaptive hash or KDF, using Merkle-Damgard-based algorithms (e.g., MD5/SHA-1), enabling rainbow-table based cracking. The connected documents indicate the mitigation is to hash with adaptive algorithm...

5.5CVSS5.5AI score0.00216EPSS
CVE
CVE
added 2021/05/26 6:46 p.m.42 views

CVE-2018-16494

CVE-2018-16494 affects Versa Networks Versa OS (VOS). The issue is an overly permissive default file-creation mask (umask) that allows authorized server users to obtain unauthorized access via insecure file permissions. This can lead to arbitrary read, write, or execution of newly created files a...

8.8CVSS8.9AI score0.01922EPSS
CVE
CVE
added 2021/05/26 6:46 p.m.42 views

CVE-2018-16495

Versa Networks Versa Operating System (VOS) is affected by a session fixation issue: an authentication token is issued to the browser before authentication and is not changed after a successful login. The underlying problem: the same session ID persists across login, enabling an attacker to set u...

8.8CVSS8.8AI score0.00911EPSS
CVE
CVE
added 2021/05/26 6:45 p.m.40 views

CVE-2018-16499

The CVE-2018-16499 entry concerns Versa Networks Versa VOS. The connected records indicate the issue stems from the use of unapproved SSH encryption protocols or cipher suites, enabling a network-endpoint attacker to perform a man-in-the-middle attack and potentially view communications between a...

5.9CVSS5.7AI score0.0031EPSS