Vulnerabilities > Cumulusnetworks

DATE CVE VULNERABILITY TITLE RISK
2017-11-08 CVE-2017-15865 Information Exposure vulnerability in Frrouting
bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492).
network
low complexity
frrouting cumulusnetworks CWE-200
5.0
2017-10-22 CVE-2015-5699 Permissions, Privileges, and Access Controls vulnerability in Cumulusnetworks Cumulus Linux 2.5.3
The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label.
local
low complexity
cumulusnetworks CWE-264
7.2