Known Vulnerabilities for products from Extremenetworks
Listed below are 14 of the newest known vulnerabilities associated with the vendor "Extremenetworks".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Extremenetworks can be found at device.report : Extremenetworks
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-16847 | Extreme Analytics in Extreme Management Center before 8.5.0.169 allows unauthenticated reflected XSS via a parameter in a GET... | 6.1 - MEDIUM | 2020-08-04 | 2020-08-11 |
| CVE-2020-16152 | The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a a... | 9.8 - CRITICAL | 2021-11-14 | 2021-11-18 |
| CVE-2020-13820 | Extreme Management Center 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request. | 6.1 - MEDIUM | 2020-08-03 | 2023-11-07 |
| CVE-2020-13819 | Extreme EAC Appliance 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request. | 6.1 - MEDIUM | 2020-08-05 | 2020-08-06 |
| CVE-2018-5797 | An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is an Smi... | 7.5 - HIGH | 2018-02-05 | 2019-10-03 |
| CVE-2018-5787 | An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remo... | 7.5 - HIGH | 2018-02-05 | 2020-08-24 |
| CVE-2017-14332 | Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values. | 8.1 - HIGH | 2017-10-23 | 2019-10-03 |
| CVE-2017-14331 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain... | 6.7 - MEDIUM | 2017-10-23 | 2019-10-03 |
| CVE-2017-14330 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process. | 6.7 - MEDIUM | 2017-10-23 | 2019-10-03 |
| CVE-2017-14329 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell. | 6.7 - MEDIUM | 2017-10-23 | 2019-10-03 |
| CVE-2017-14328 | Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot. | 7.5 - HIGH | 2017-10-23 | 2019-10-17 |
| CVE-2017-14327 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files. | 4.4 - MEDIUM | 2017-10-23 | 2017-11-08 |
| CVE-2013-7309 | The OSPF implementation in Extreme Networks EXOS does not consider the possibility of duplicate Link State ID values in Link ... | 5.4 - MEDIUM | 2014-01-23 | 2014-01-23 |
| CVE-2005-1670 | Unknown vulnerability in Extreme BlackDiamond 10808 and 8800 switches running ExtremeWare XOS 11.1 before 11.1.3.3, 11.0 befo... | 4.6 - MEDIUM | 2005-05-19 | 2018-09-26 |
Known software with vulnerabilities from Extremenetworks
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Extremenetworks | Alpine | - |
| Hardware | Extremenetworks | Blackdiamond 10808 | - |
| Hardware | Extremenetworks | Blackdiamond 8800 | - |
| Operating System | Extremenetworks | Exos | - |
| Application | Extremenetworks | Extreme Management Center | 8.4.1.24 |
| Operating System | Extremenetworks | Extremeware Xos | - |
| Operating System | Extremenetworks | Extremewireless Wing | 5.0 |
| Operating System | Extremenetworks | Extremexos | 15.3.5 |
| Hardware | Extremenetworks | Msm64 | - |
| Hardware | Extremenetworks | Summit | - |