CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

52 matches found

NVD•added 2023/03/02 1:15 a.m.•15 views

CVE-2023-0053

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet available for device management. Any sensitive information communicated through these protocols, such as credentials, is sent in cleartext. An attacker could...

7.5CVSS7.6AI score0.00386EPSS

Exploits0References1

Cvelist•added 2023/01/20 9:23 p.m.•28 views

CVE-2023-0052 SAUTER Controls Nova 200–220 Series Missing Authentication for Critical Function

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol FTP are the only protocols available for device management, an unauthorized user could acce...

9.8CVSS9.7AI score0.0071EPSS

Exploits0References1

CISA•added 2023/01/12 12:0 a.m.•17 views

CISA Releases Twelve Industrial Control Systems Advisories

CISA released twelve Industrial Control Systems ICS advisories on January 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

0.8AI score

Exploits0References12

ICS•added 2023/01/12 12:0 a.m.•115 views

SAUTER Controls Nova 200 - 220 Series (PLC 6)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SAUTER Controls Equipment: Nova 200–220 Series PLC 6 Vulnerabilities: Missing Authentication for Critical Function, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful...

9.8CVSS9.2AI score0.0071EPSS

Exploits0References4

Tenable Nessus•added 2022/01/10 12:0 a.m.•13 views

Cisco Small Business 220 Series Smart Switch Detection

Binary data ciscosmallbusiness220seriessmartswitchdetect.nbin...

7.3AI score

Exploits0References1

BDU FSTEC•added 2021/12/07 12:0 a.m.•1 views

The vulnerability of Cisco Small Business 220 Series Smart Switch microprogramming software lies in the lack of protection for service data. This allows a hacker to gain access to confidential login credentials or alter user passwords within the user account.

The vulnerability of the microprogrammed software of Cisco Small Business 220 Series Smart Switches lies in the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to gain access to login credentials or reconfigure passwords in the user account...

6.8CVSS5.6AI score0.00725EPSS

Exploits0References2Affected Software1

OSV•added 2021/10/06 8:15 p.m.•1 views

CVE-2021-34779

Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...

8.8CVSS5.9AI score

Exploits0References1

NVD•added 2021/10/06 8:15 p.m.•10 views

CVE-2021-34779

8.8CVSS0.00504EPSS

Exploits0References1

OSV•added 2021/10/06 8:15 p.m.•1 views

CVE-2021-34778

4.3CVSS5.9AI score

Exploits0References1

OSV•added 2021/10/06 8:15 p.m.•2 views

CVE-2021-34777

4.3CVSS5.9AI score0.00398EPSS

Exploits0References1

OSV•added 2021/10/06 8:15 p.m.•1 views

CVE-2021-34775

4.3CVSS5.9AI score0.00398EPSS

Exploits0References1

OSV•added 2021/10/06 8:15 p.m.•2 views

CVE-2021-34776

4.3CVSS5.9AI score0.00398EPSS

Exploits0References1

NVD•added 2021/10/06 8:15 p.m.•13 views

CVE-2021-34775

4.3CVSS0.00398EPSS

Exploits0References1

NVD•added 2021/10/06 8:15 p.m.•22 views

CVE-2021-34757

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of...

5.5CVSS0.00604EPSS

Exploits0References1

NVD•added 2021/10/06 8:15 p.m.•18 views

CVE-2021-34744

4.9CVSS0.00725EPSS

Exploits0References1

Prion•added 2021/10/06 8:15 p.m.•21 views

Design/Logic Flaw

4CVSS5.1AI score0.00725EPSS

Exploits0References1Affected Software16

Prion•added 2021/10/06 8:15 p.m.•9 views

Design/Logic Flaw

2.9CVSS5.1AI score0.00398EPSS

Exploits0References1Affected Software16

CVE•added 2021/10/06 7:46 p.m.•41 views

CVE-2021-34744

CVE-2021-34744 affects Cisco Business 220 Series Smart Switches. The Cisco advisory describes multiple vulnerabilities in the device firmware that could allow an Administrator to access sensitive login credentials or reconfigure passwords. The root cause is related to hardcoded/static credentials...

4.9CVSS5.2AI score0.00725EPSS

Exploits0References1Affected Software1

CVE•added 2021/10/06 7:46 p.m.•57 views

CVE-2021-34757

CVE-2021-34757 affects Cisco Business 220 Series Smart Switches firmware. The root issue is static/key/password vulnerabilities (hardcoded credentials) in the device firmware that could let an attacker with Administrator privileges access sensitive login credentials or reconfigure user passwords....

5.5CVSS5.3AI score0.00604EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2021/10/06 7:46 p.m.•11 views

CVE-2021-34757 Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities

4.9CVSS6.8AI score0.00604EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by