CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Expresscluster_x | Nec | 1.0 (including) | 1.0 (including) |
| Expresscluster_x | Nec | 2.0 (including) | 2.0 (including) |
| Expresscluster_x | Nec | 2.1 (including) | 2.1 (including) |
| Expresscluster_x | Nec | 3.0 (including) | 3.0 (including) |
| Expresscluster_x | Nec | 3.1 (including) | 3.1 (including) |
| Expresscluster_x | Nec | 3.2 (including) | 3.2 (including) |
| Expresscluster_x | Nec | 3.3 (including) | 3.3 (including) |
| Expresscluster_x | Nec | 4.0 (including) | 4.0 (including) |
| Expresscluster_x | Nec | 4.1 (including) | 4.1 (including) |
| Expresscluster_x | Nec | 4.2 (including) | 4.2 (including) |
| Expresscluster_x | Nec | 4.3 (including) | 4.3 (including) |
| Expresscluster_x | Nec | 5.0 (including) | 5.0 (including) |
| Expresscluster_x_singleserversafe | Nec | 1.0 (including) | 1.0 (including) |
| Expresscluster_x_singleserversafe | Nec | 2.0 (including) | 2.0 (including) |
| Expresscluster_x_singleserversafe | Nec | 2.1 (including) | 2.1 (including) |
| Expresscluster_x_singleserversafe | Nec | 3.0 (including) | 3.0 (including) |
| Expresscluster_x_singleserversafe | Nec | 3.1 (including) | 3.1 (including) |
| Expresscluster_x_singleserversafe | Nec | 3.2 (including) | 3.2 (including) |
| Expresscluster_x_singleserversafe | Nec | 3.3 (including) | 3.3 (including) |
| Expresscluster_x_singleserversafe | Nec | 4.0 (including) | 4.0 (including) |
| Expresscluster_x_singleserversafe | Nec | 4.1 (including) | 4.1 (including) |
| Expresscluster_x_singleserversafe | Nec | 4.2 (including) | 4.2 (including) |
| Expresscluster_x_singleserversafe | Nec | 4.3 (including) | 4.3 (including) |
| Expresscluster_x_singleserversafe | Nec | 5.0 (including) | 5.0 (including) |