Weak Session Identifier Vulnerability in Alcatel-Lucent OmniSwitch Products
CVE-2015-2804

Currently unrated

Key Information:

Vendor

Alcatel-lucent

Status
Omniswitch Firmware
Vendor
CVE Published:
16 June 2015

What is CVE-2015-2804?

The management web interface of various Alcatel-Lucent OmniSwitch models generates weak session identifiers in versions prior to 6.6.4.309.R01 and 6.6.5.x before 6.6.5.80.R02. This security flaw allows attackers to exploit brute force techniques to hijack sessions, potentially gaining unauthorized access to sensitive information or administrative functions. Organizations using affected devices should prioritize updating their firmware to mitigate the risk of exposure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.redteam-pentesting.de/en/advisories/rt-sa-201...
x_refsource_MISC
http://seclists.org/fulldisclosure/2015/Jun/22
mailing-listx_refsource_FULLDISC
http://www.securityfocus.com/archive/1/535731/100/0/threaded
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.