Vulnerabilities > Lannerinc > IAC Ast2500A Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-24 | CVE-2021-45925 | Information Exposure Through Discrepancy vulnerability in Lannerinc Iac-Ast2500A Firmware 1.10.0 Observable discrepancies in the login process allow an attacker to guess legitimate user names registered in the BMC. | 5.3 |
| 2022-10-24 | CVE-2021-46279 | Session Fixation vulnerability in Lannerinc Iac-Ast2500A Firmware 1.10.0 Session fixation and insufficient session expiration vulnerabilities allow an attacker to perfom session hijacking attacks against users. | 8.8 |