An authentication bypass vulnerability exists in
the default SFTP server component utilized across the Ciena products listed. This vulnerability allows a remote, unauthenticated attacker to bypass
security controls and gain unauthorized access to the underlying filesystem.
Successful exploitation could allow an attacker to read or modify system files.
the default SFTP server component utilized across the Ciena products listed. This vulnerability allows a remote, unauthenticated attacker to bypass
security controls and gain unauthorized access to the underlying filesystem.
Successful exploitation could allow an attacker to read or modify system files.
Project Subscriptions
No data.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
| Link | Providers |
|---|---|
| https://www.ciena.com/product-security |
|
History
Mon, 06 Jul 2026 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Mon, 06 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An authentication bypass vulnerability exists in the default SFTP server component utilized across the Ciena products listed. This vulnerability allows a remote, unauthenticated attacker to bypass security controls and gain unauthorized access to the underlying filesystem. Successful exploitation could allow an attacker to read or modify system files. | |
| Title | SFTP Server Authentication Weakness | |
| Weaknesses | CWE-288 | |
| References |
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: Ciena
Published:
Updated: 2026-07-06T18:42:39.325Z
Reserved: 2026-03-31T19:44:32.296Z
Link: CVE-2026-5268
Updated: 2026-07-06T18:42:28.543Z
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses