Back to search
CVE-2015-2804
Published: Jun 16, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
The management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, and 6855 with firmware before 6.6.4.309.R01 and 6.6.5.x before 6.6.5.80.R02 generates weak session identifiers, which allows remote attackers to hijack arbitrary sessions via a brute force attack.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20150610 [RT-SA-2015-003] Alcatel-Lucent OmniSwitch Web Interface Weak Session ID
mailing-list
x_refsource_FULLDISC
20150610 [RT-SA-2015-003] Alcatel-Lucent OmniSwitch Web Interface Weak Session ID
mailing-list
x_refsource_BUGTRAQ
75125
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now