Authentication Bypass Vulnerability in Ciena's Network Control Suite
CVE-2026-5270
Currently unrated
What is CVE-2026-5270?
An authentication bypass vulnerability has been discovered in Ciena's Navigator Network Control Suite, Manage Control Plan, and Blue Planet products. This issue arises from improper handling of HTTP request paths and headers, enabling unauthenticated attackers to craft requests that circumvent authentication mechanisms and disrupt audit logging. As a result, sensitive operations could be performed without proper authorization, exposing critical systems to potential exploitation.
Affected Version(s)
Inventory <=24.04.001 <= 24.04.001
Inventory <=23.12.401 <= 23.12.401
Inventory <=23.08.302 <= 23.08.302
