Vulnerabilities > Brocade > Vyatta 5400 Vrouter Software > 6.6

DATE	CVE	VULNERABILITY TITLE	RISK
2014-10-07	CVE-2014-4870	Improper Input Validation vulnerability in Brocade Vyatta 5400 Vrouter and Vyatta 5400 Vrouter Software /opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 does not properly validate parameters, which allows local users to gain privileges by leveraging the sudo configuration. local low complexity brocade CWE-20	7.2
2014-10-07	CVE-2014-4869	Permissions, Privileges, and Access Controls vulnerability in Brocade Vyatta 5400 Vrouter and Vyatta 5400 Vrouter Software The Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows attackers to obtain sensitive encrypted-password information by leveraging membership in the operator group. network low complexity brocade CWE-264	5.0
2014-10-07	CVE-2014-4868	OS Command Injection vulnerability in Brocade Vyatta 5400 Vrouter and Vyatta 5400 Vrouter Software The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows remote authenticated users to execute arbitrary Linux commands via shell metacharacters in a console command. network low complexity brocade CWE-78 critical	9.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.