Alcatel-lucent ≫ Omniswitch Firmware

2 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

6.8

CVE-2015-2805

Exploit

EPSS 1.12%
Published 16.06.2015 16:59:01
Last modified 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in sec/content/sec_asa_users_local_db_add.html in the management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855, 6900, 10K, and 6860 with firmware 6.4.5.R02, 6.4.6.R01, ...

4.3

CVE-2015-2804

Exploit

EPSS 0.54%
Published 16.06.2015 16:59:00
Last modified 12.04.2025 10:46:40

The management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, and 6855 with firmware before 6.6.4.309.R01 and 6.6.5.x before 6.6.5.80.R02 generates weak session identifiers, which allows remote attackers to hijack arbitrar...