cancel
Showing results for 
Search instead for 
Did you mean: 

Vulnerability Notices || VN 2017-003 & VN 2017-004

Vulnerability Notices || VN 2017-003 & VN 2017-004

Drew_C
Valued Contributor III
Extreme Networks has been made aware of a number of vulnerabilities present in its ExtremeXOS software. These vulnerabilities have been resolved in currently available releases and are described in two separate Vulnerability Notices, listed below:Customers with a current maintenance and support contract may access the Extreme Portal for software updates at: https://extremeportal.force.com/

If you have additional questions concerning this information, post a response below or contact your Extreme Networks representative.

NOTE: Extreme's Vulnerability Notices are posted in the GTAC Knowledge section of the Extreme Portal.

1 REPLY 1

Erik_Auerswald
Contributor II
Hi,

VN 2017-003 is a bit funny, since other vendors allow root access to the switches by default and admin privileges are needed to escalate to root.

I accept that a possibility to restrict root access by configuration can be useful, as planned for addressing the "vulnerabilities."

Thanks,
Erik
GTM-P2G8KFN