Vulnerabilities > Versa Networks > Versa Operating System > 21.1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-26 | CVE-2018-16494 | Exposure of Resource to Wrong Sphere vulnerability in Versa-Networks Versa Operating System 20.2.0/21.1.0 In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or execution of newly created files and directories. | 8.8 |
| 2021-05-26 | CVE-2018-16495 | Session Fixation vulnerability in Versa-Networks Versa Operating System 20.2.0/21.1.0 In VOS user session identifier (authentication token) is issued to the browser prior to authentication but is not changed after the user successfully logs into the application. | 8.8 |