During a penetration test, RedTeam Pentesting discovered a vulnerability in the management web interface of an Alcatel-Lucent OmniSwitch 6450. This interface uses easily guessable session IDs, which allows attackers to authenticate as a currently logged-in user and perform administrative tasks.
81e6be2bf4112b23f31a9a4eb65f9147c563e93f5117e6190c5f3a95354f3823