Omniswitch Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:alcatel-lucent:omniswitch_firmware:*:*:*:*:*:*:*:*
part: o version: * update: *
| Vendor | Alcatel Lucent (cd3e8d12-5838-5834-947c-31bf8161e901) |
|---|---|
| Product | Omniswitch Firmware (7f750f33-8108-564e-9cdd-b993bd70163b) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2015-2805 |
vulnerable | 2026-06-03 14:34:47.893547 |
Details available
Cross-site request forgery (CSRF) vulnerability in sec/content/sec_asa_users_local_db_add.html in the management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855, 6900, 10K, and 6860 with firmware 6.4.5.R02, 6.4.6.R01, 6.6.4.R01, 6.6.5.R02, 7.3.2.R01, 7.3.3.R01, 7.3.4.R01, and 8.1.1.R01 allows remote attackers to hijack the authentication of administrators for requests that create users via a crafted request.
Published: 2015-06-16T16:00:00.000Z
Updated: 2024-08-06T05:24:38.893Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-2804 |
vulnerable | 2026-06-03 14:34:47.887092 |
Details available
The management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, and 6855 with firmware before 6.6.4.309.R01 and 6.6.5.x before 6.6.5.80.R02 generates weak session identifiers, which allows remote attackers to hijack arbitrary sessions via a brute force attack.
Published: 2015-06-16T16:00:00.000Z
Updated: 2024-08-06T05:24:38.913Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.