Versa-networks Versa_operating_system
4 CVEs affecting Versa-networks Versa_operating_system. Latest disclosed: 2021-05-26. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-16495 | High | 8.8 | 2021-05-26 | In VOS user session identifier (authentication token) is issued to the browser prior to authentication but is not changed after the user successfully logs into… |
CVE-2018-16494 | High | 8.8 | 2021-05-26 | In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result… |
CVE-2018-16499 | Medium | 5.9 | 2021-05-26 | In VOS compromised, an attacker at network endpoints can possibly view communications between an unsuspecting user and the service using man-in-the-middle atta… |
CVE-2019-25030 | Medium | 5.5 | 2021-05-26 | In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive cryptographic hash function or key derivation function prior to storage… |