CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Ecos: >> System Management Appliance >> 5.2.68 Security Vulnerabilities

CVE-2018-12331

Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2.68 allows a man-in-the-middle attacker to compromise authentication keys and configurations via IP spoofing during "Easy Enrollment."

CVSS Score

7.4

EPSS Score

0.002

Published

2018-06-17

CVE-2018-12335

Incorrect access control in ECOS System Management Appliance (aka SMA) 5.2.68 allows a user to compromise authentication keys, and access and manipulate security relevant configurations, via unrestricted database access during Easy Enrollment.

CVSS Score

7.3

EPSS Score

0.001

Published

2018-06-17

CVE-2018-12338

Undocumented Factory Backdoor in ECOS System Management Appliance (aka SMA) 5.2.68 allows the vendor to extract confidential information and manipulate security relevant configurations via remote root SSH access.

CVSS Score

9.8

EPSS Score

0.004

Published

2018-06-17

Page 1

Vulnerabilities

Vulnerable Software

Ecos: >> System Management Appliance >> 5.2.68 Security Vulnerabilities

Products

Pricing

Contact Us