Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ecos Subscribe
Filtered by product System Management Appliance
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-12331 1 Ecos 1 System Management Appliance 2020-08-24 5.8 MEDIUM 7.4 HIGH
Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2.68 allows a man-in-the-middle attacker to compromise authentication keys and configurations via IP spoofing during "Easy Enrollment."
CVE-2018-12335 1 Ecos 1 System Management Appliance 2019-10-02 4.1 MEDIUM 7.3 HIGH
Incorrect access control in ECOS System Management Appliance (aka SMA) 5.2.68 allows a user to compromise authentication keys, and access and manipulate security relevant configurations, via unrestricted database access during Easy Enrollment.
CVE-2018-12338 1 Ecos 1 System Management Appliance 2019-10-02 10.0 HIGH 9.8 CRITICAL
Undocumented Factory Backdoor in ECOS System Management Appliance (aka SMA) 5.2.68 allows the vendor to extract confidential information and manipulate security relevant configurations via remote root SSH access.