An authentication bypass vulnerability exists in
the default SFTP server component utilized across the Ciena products listed. This vulnerability allows a remote, unauthenticated attacker to bypass
security controls and gain unauthorized access to the underlying filesystem.
Successful exploitation could allow an attacker to read or modify system files.
Metrics
Affected Vendors & Products
References
| Link | Providers |
|---|---|
| https://www.ciena.com/product-security |
|
History
Mon, 06 Jul 2026 23:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Ciena
Ciena 6500 S-series Ciena 6500 T-series Ciena cpl Ciena pts |
|
| Vendors & Products |
Ciena
Ciena 6500 S-series Ciena 6500 T-series Ciena cpl Ciena pts |
Mon, 06 Jul 2026 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Mon, 06 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An authentication bypass vulnerability exists in the default SFTP server component utilized across the Ciena products listed. This vulnerability allows a remote, unauthenticated attacker to bypass security controls and gain unauthorized access to the underlying filesystem. Successful exploitation could allow an attacker to read or modify system files. | |
| Title | SFTP Server Authentication Weakness | |
| Weaknesses | CWE-288 | |
| References |
|
Status: PUBLISHED
Assigner: Ciena
Published: 2026-07-06T15:25:56.938Z
Updated: 2026-07-06T18:42:39.325Z
Reserved: 2026-03-31T19:44:32.296Z
Link: CVE-2026-5268
Updated: 2026-07-06T18:42:28.543Z
No data.
No data.