Vulnerabilities > Microsemi

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-11	CVE-2014-5070	Permissions, Privileges, and Access Controls vulnerability in Microsemi S350I Firmware 2.70.15 Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page. network low complexity microsemi CWE-264	8.8
2018-01-11	CVE-2014-5068	Path Traversal vulnerability in Microsemi S350I Firmware 2.70.15 Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash) or (2) ..\ (dot dot forward slash) before a file name. network low complexity microsemi CWE-22	7.5
2018-01-08	CVE-2014-5071	SQL Injection vulnerability in Microsemi S350I Firmware 2.70.15 SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows remote attackers to execute arbitrary SQL commands via vectors involving a username. network low complexity microsemi CWE-89 critical	9.8
2018-01-08	CVE-2014-5069	Cross-site Scripting vulnerability in Microsemi S350I Firmware 2.70.15 Cross-site scripting (XSS) vulnerability in Symmetricom s350i 2.70.15 allows remote attackers to inject arbitrary web script or HTML via vectors involving system logs. network low complexity microsemi CWE-79	6.1

Vulnerabilities > Microsemi {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Microsemi"}]}