Vulnerabilities > Ecos > System Management Appliance
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-17 | CVE-2018-12338 | Unspecified vulnerability in Ecos System Management Appliance 5.2.68 Undocumented Factory Backdoor in ECOS System Management Appliance (aka SMA) 5.2.68 allows the vendor to extract confidential information and manipulate security relevant configurations via remote root SSH access. | 9.8 |
| 2018-06-17 | CVE-2018-12335 | Incorrect Permission Assignment for Critical Resource vulnerability in Ecos System Management Appliance 5.2.68 Incorrect access control in ECOS System Management Appliance (aka SMA) 5.2.68 allows a user to compromise authentication keys, and access and manipulate security relevant configurations, via unrestricted database access during Easy Enrollment. | 7.3 |
| 2018-06-17 | CVE-2018-12331 | Authentication Bypass by Spoofing vulnerability in Ecos System Management Appliance 5.2.68 Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2.68 allows a man-in-the-middle attacker to compromise authentication keys and configurations via IP spoofing during "Easy Enrollment." | 7.4 |