Advanced Core Operating System A10networks Advanced Core Operating System

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in A10networks Advanced Core Operating System.

By the Year

In 2025 there have been 0 vulnerabilities in A10networks Advanced Core Operating System. Last year, in 2024 Advanced Core Operating System had 2 security vulnerabilities published. Right now, Advanced Core Operating System is on track to have less security vulnerabilities in 2025 than it did last year.

Year Vulnerabilities Average Score
2025 0 0.00
2024 2 8.30
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 1 9.80
2019 0 0.00
2018 1 7.50

It may take a day or so for new Advanced Core Operating System vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent A10networks Advanced Core Operating System Security Vulnerabilities

A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability

CVE-2024-30369 7.8 - High - June 06, 2024

A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of A10 Thunder ADC. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the installer. The issue results from incorrect permissions on a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-22754.

Incorrect Permission Assignment for Critical Resource

A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability

CVE-2024-30368 8.8 - High - June 06, 2024

A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of A10 Thunder ADC. Authentication is required to exploit this vulnerability. The specific flaw exists within the CsrRequestView class. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of a10user. Was ZDI-CAN-22517.

Command Injection

A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs) have an unauthenticated Remote Code Execution (RCE) vulnerability

CVE-2020-24384 9.8 - Critical - November 10, 2020

A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs) have an unauthenticated Remote Code Execution (RCE) vulnerability that could be used to compromise affected ACOS systems. ACOS versions 3.2.x (including and after 3.2.2), 4.x, and 5.1.x are affected. aGalaxy versions 3.0.x, 3.2.x, and 5.0.x are affected.

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet

CVE-2018-5390 7.5 - High - August 06, 2018

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

Resource Exhaustion

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Red Hat Enterprise Linux Workstation or by A10networks? Click the Watch button to subscribe.

A10networks
Vendor

subscribe