Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Access Control Granularity impacting Infinera G42
Vulnerability Description
A missing double-check feature in the WebGUI for CLI deactivation in Infinera G42 version R6.1.3 allows an authenticated administrator to make other management interfaces unavailable via local and network interfaces. The CLI deactivation via the WebGUI does not only stop CLI interface but deactivates also Linux Shell, WebGUI and Physical Serial Console access. No confirmation is asked at deactivation time. Loosing access to these services device administrators are at risk of completely loosing device control.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
CWE-1220
Vulnerability Title
Infinera G42 安全漏洞
Vulnerability Description
Infinera G42是美国Infinera公司的一款光网络的模块平台。 Infinera G42 R6.1.3版本存在安全漏洞,该漏洞源于缺少确认机制,可能导致服务不可用。
CVSS Information
N/A
Vulnerability Type
N/A