Raphaël Lob

**Name of the Vulnerable Software and Affected Versions** Izanami versions prior to 1.11.0 **Description** The issue allows attackers to bypass authentication in the application when deployed using the official Docker image. This is due to a hard-coded secret used to sign the authentication token (JWT), which could enable an attacker to compromise another instance of the application. **Recommendations** For versions prior to 1.11.0, update to version 1.11.0 to resolve the issue. As a temporary workaround, consider restricting access to the JWT authentication mechanism until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Huawei AR120-S version Huawei AR1200 version Huawei AR1200-S version Huawei AR150 version Huawei AR150-S version Huawei AR160 version Huawei AR200 version Huawei AR200-S version Huawei AR2200 version Huawei AR2200-S version Huawei AR3200 version Huawei AR3600 version **Description** The issue is related to an information leakage vulnerability. An attacker with low permissions can view some high-privilege information by running specific commands. Successful exploitation could cause an information disclosure condition. **Recommendations** For Huawei AR120-S, update to a version that includes a fix for this issue. For Huawei AR1200, update to a version that includes a fix for this issue. For Huawei AR1200-S, update to a version that includes a fix for this issue. For Huawei AR150, update to a version that includes a fix for this issue. For Huawei AR150-S, update to a version that includes a fix for this issue. For Huawei AR160, update to a version that includes a fix for this issue. For Huawei AR200, update to a version that includes a fix for this issue. For Huawei AR200-S, update to a version that includes a fix for this issue. For Huawei AR2200, update to a version that includes a fix for this issue. For Huawei AR2200-S, update to a version that includes a fix for this issue. For Huawei AR3200, update to a version that includes a fix for this issue. For Huawei AR3600, update to a version that includes a fix for this issue.