Header Only - DO NOT REMOVE - Extreme Networks

Vulnerability Notices || VN 2017-003 & VN 2017-004

Userlevel 7
Extreme Networks has been made aware of a number of vulnerabilities present in its ExtremeXOS software. These vulnerabilities have been resolved in currently available releases and are described in two separate Vulnerability Notices, listed below:Customers with a current maintenance and support contract may access the Extreme Portal for software updates at: https://extremeportal.force.com/

If you have additional questions concerning this information, post a response below or contact your Extreme Networks representative.

NOTE: Extreme's Vulnerability Notices are posted in the GTAC Knowledge section of the Extreme Portal.

1 reply

Userlevel 7

VN 2017-003 is a bit funny, since other vendors allow root access to the switches by default and admin privileges are needed to escalate to root.

I accept that a possibility to restrict root access by configuration can be useful, as planned for addressing the "vulnerabilities."