Versa-networks Versa Operating System — known CVE vulnerabilities
Every CVE whose affected-product data names Versa-networks Versa Operating System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2018-16494 — CVSS 8.8 (high): In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file…
CVE-2018-16495 — CVSS 8.8 (high): In VOS user session identifier (authentication token) is issued to the browser prior to authentication but is not changed after the user…
CVE-2018-16499 — CVSS 5.9 (medium): In VOS compromised, an attacker at network endpoints can possibly view communications between an unsuspecting user and the service using…
CVE-2019-25030 — CVSS 5.5 (medium): In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive cryptographic hash function or key derivation…