Vulnerabilities > Lannerinc > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-24 | CVE-2021-26732 | Unspecified vulnerability in Lannerinc Iac-Ast2500A Firmware 1.10.0 A broken access control vulnerability in the First_network_func function of spx_restservice allows an attacker to arbitrarily change the network configuration of the BMC. | 5.3 |
| 2022-10-24 | CVE-2021-44769 | Improper Input Validation vulnerability in Lannerinc Iac-Ast2500A Firmware 1.10.0 An improper input validation vulnerability in the TLS certificate generation function allows an attacker to cause a Denial-of-Service (DoS) condition which can only be reverted via a factory reset. | 6.5 |
| 2022-10-24 | CVE-2021-44776 | Unspecified vulnerability in Lannerinc Iac-Ast2500A Firmware 1.10.0 A broken access control vulnerability in the SubNet_handler_func function of spx_restservice allows an attacker to arbitrarily change the security access rights to KVM and Virtual Media functionalities. | 5.3 |
| 2022-10-24 | CVE-2021-45925 | Information Exposure Through Discrepancy vulnerability in Lannerinc Iac-Ast2500A Firmware 1.10.0 Observable discrepancies in the login process allow an attacker to guess legitimate user names registered in the BMC. | 5.3 |