CVE-2017-14332

Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
VendorProductVersion
extremenetworksextremexos
15.7
extremenetworksextremexos
16.1.2
extremenetworksextremexos
16.1.3
extremenetworksextremexos
16.1.4
extremenetworksextremexos
16.2
extremenetworksextremexos
16.2.2
extremenetworksextremexos
16.2.3
extremenetworksextremexos
16.2.4
extremenetworksextremexos
21.1
extremenetworksextremexos
21.1.1
extremenetworksextremexos
21.1.2
extremenetworksextremexos
21.1.3
extremenetworksextremexos
21.1.4
extremenetworksextremexos
22.1
extremenetworksextremexos
22.2
extremenetworksextremexos
22.3
extremenetworksextremexos
22.4
𝑥
= Vulnerable software versions
References
https://extremeportal.force.com/ExtrArticleDetail?n=000017765
https://extremeportal.force.com/ExtrArticleDetail?n=000017765