Security Advisory

CVE-2018-10024

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-04-11 17:00:00

Last updated 2024-09-17 03:13:37

Assigner mitre

State PUBLISHED

Description

ubiQuoss Switch VP5208A creates a bcm_password file at /cgi-bin/ with the user credentials in cleartext when a failed login attempt occurs. The file can be reached via an HTTP request. The credentials can be used to access the system via SSH (or TELNET if it is enabled).

← Browse all CVEs View on cve.org ↗