Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Extremexos | Extremenetworks | 21.1 | 21.1 |
Extremexos | Extremenetworks | 21.1.1 | 21.1.1 |
Extremexos | Extremenetworks | 21.1.2 | 21.1.2 |
Extremexos | Extremenetworks | 21.1.3 | 21.1.3 |
Extremexos | Extremenetworks | 21.1.4 | 21.1.4 |
Extremexos | Extremenetworks | 22.1 | 22.1 |
Extremexos | Extremenetworks | 22.2 | 22.2 |
Extremexos | Extremenetworks | 22.3 | 22.3 |
Extremexos | Extremenetworks | 22.4 | 22.4 |
Extremexos | Extremenetworks | 16.1.2 | 16.1.2 |
Extremexos | Extremenetworks | 16.1.3 | 16.1.3 |
Extremexos | Extremenetworks | 16.1.4 | 16.1.4 |
Extremexos | Extremenetworks | 16.2 | 16.2 |
Extremexos | Extremenetworks | 16.2.2 | 16.2.2 |
Extremexos | Extremenetworks | 16.2.3 | 16.2.3 |
Extremexos | Extremenetworks | 16.2.4 | 16.2.4 |
Extremexos | Extremenetworks | 15.7 | 15.7 |