Vulnerabilities > Extremenetworks > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-08-05 CVE-2020-13819 Cross-site Scripting vulnerability in Extremenetworks Extreme Management Center 8.4.1.24/8.5
Extreme EAC Appliance 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request. 		4.3
4.3
2020-08-04 CVE-2020-16847 Cross-site Scripting vulnerability in Extremenetworks Extreme Management Center 8.4.1.24/8.5
Extreme Analytics in Extreme Management Center before 8.5.0.169 allows unauthenticated reflected XSS via a parameter in a GET request, aka CFD-4887. 		4.3
4.3
2020-08-03 CVE-2020-13820 Cross-site Scripting vulnerability in Extremenetworks Extreme Management Center 8.4.1.24
Extreme Management Center 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request.
network
low complexity
extremenetworks CWE-79
6.1
6.1
2018-02-05 CVE-2018-5787 Out-of-bounds Write vulnerability in Extremenetworks Extremewireless Wing
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3.
network
low complexity
extremenetworks CWE-787
5.0
5.0
2017-10-23 CVE-2017-14332 Unspecified vulnerability in Extremenetworks Extremexos
Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values.
network
extremenetworks
6.8
6.8
2017-10-23 CVE-2017-14327 Information Exposure vulnerability in Extremenetworks Extremexos
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files.
local
low complexity
extremenetworks CWE-200
4.9
4.9
2014-01-23 CVE-2013-7309 Unspecified vulnerability in Extremenetworks Exos
The OSPF implementation in Extreme Networks EXOS does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. 		5.4
5.4
2005-05-19 CVE-2005-1670 Local Security vulnerability in ExtremeWare XOS
Unknown vulnerability in Extreme BlackDiamond 10808 and 8800 switches running ExtremeWare XOS 11.1 before 11.1.3.3, 11.0 before 11.0.2.4, and 10.x allows remote authenticated users to execute arbitrary commands.
local
low complexity
extremenetworks
4.6
4.6