Vulnerabilities (CVE)

Filtered by vendor Cumulusnetworks Subscribe
Filtered by product Cumulus Linux
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-15865 2 Cumulusnetworks, Frrouting 2 Cumulus Linux, Frrouting 2024-11-21 5.0 MEDIUM 7.5 HIGH
bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492).
CVE-2015-5699 1 Cumulusnetworks 1 Cumulus Linux 2024-11-21 7.2 HIGH 7.8 HIGH
The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label.