ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| foundrynet | serveriron | 5.1.10t12 |
| foundrynet | serveriron | 6.0 |
Foundry Networks ServerIron switches do not decode URIs when applying "url-map" rules, which could make it easier for attackers to cause the switch to forward traffic to a different server than intended and exploit vulnerabilities that would otherwise be inaccessible.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| foundrynet | serveriron | 7.1.09 |
| foundrynet | serveriron | 5.1.10t12 |
| foundrynet | serveriron | 800 |
| foundrynet | serveriron | xl |
| foundrynet | serveriron | xl_g |
| foundrynet | serveriron | 400 |
| foundrynet | serveriron | 6.0 |
The default configuration of Foundry Networks EdgeIron 4802F allows remote attackers to modify sensitive information via arbitrary SNMP community strings.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| foundrynet | edgeiron | 4802f |