National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:a10networks:advanced_core_operating_system:2.7.1
There are 2 matching records.
Vuln ID Summary CVSS Severity
CVE-2016-10213

A10 AX1030 and possibly other devices with software before 2.7.2-P8 uses random GCM nonce generations, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging a reused nonce in a session and a "forbidden attack," a similar issue to CVE-2016-0270.

Published: February 08, 2017; 11:59:00 AM -05:00
V3: 5.9 MEDIUM
V2: 4.3 MEDIUM
CVE-2014-3976

Buffer overflow in A10 Networks Advanced Core Operating System (ACOS) before 2.7.0-p6 and 2.7.1 before 2.7.1-P1_55 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long session id in the URI to sys_reboot.html. NOTE: some of these details are obtained from third party information.

Published: June 05, 2014; 01:55:08 PM -04:00
V2: 5.0 MEDIUM