Lucene search
+L

818 matches found

OSV
OSV
added 2017/10/19 8:29 a.m.4 views

CVE-2017-12289

A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. The vulnerability is due to incorrect implementation of IPsec conditional, verbose debug...

4.4CVSS5.8AI score0.00367EPSS
Exploits0References3
OSV
OSV
added 2017/10/05 1:29 a.m.10 views

CVE-2017-12728

An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the...

7.8CVSS6.1AI score0.00388EPSS
Exploits2References2
OSV
OSV
added 2017/09/21 5:29 a.m.4 views

CVE-2017-12255

A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local attacker to gain shell access. The vulnerability is due to insufficient input validation of commands entered in the CLI, aka a Restricted Shell Break Vulnerability. An attacker could exploit this...

6.7CVSS5.8AI score0.00425EPSS
Exploits0References3
CNVD
CNVD
added 2017/09/08 12:0 a.m.7 views

SpiderControl SCADA Web Server Elevation of Privilege Vulnerability

SCADA Web Server is a software management platform. An elevation of privilege vulnerability exists in SpiderControl SCADA Web Server. An authenticated, non-administrative local user could change the service executable with elevated privileges, allowing an attacker to execute arbitrary code in the...

7.8CVSS7.8AI score0.00388EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2017/09/01 12:0 a.m.25 views

CVE-2017-14105

HiveManager Classic through 8.1r1 allows arbitrary JSP code execution by modifying a backup archive before a restore, because the restore feature does not validate pathnames within the archive. An authenticated, local attacker – even restricted as a tenant – can add a jsp at...

7.8CVSS2.8AI score0.013EPSS
Exploits3References2
OSV
OSV
added 2017/08/17 8:29 p.m.4 views

CVE-2017-6781

A vulnerability in the management of shell user accounts for Cisco Policy Suite CPS Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affected system. The affected privilege level is not at the root level. The vulnerability is due to...

5.3CVSS5.8AI score0.00255EPSS
Exploits0References2
OSV
OSV
added 2017/08/14 4:29 p.m.4 views

CVE-2017-9662

An Improper Privilege Management issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. Monitouch V-SFT is installed in a directory with weak access controls by default, which could allow an authenticated attacker with local access to escalate privileges...

5.3CVSS5.8AI score0.00447EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2017/08/14 4:29 p.m.3 views

CVE-2017-9662

An Improper Privilege Management issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. Monitouch V-SFT is installed in a directory with weak access controls by default, which could allow an authenticated attacker with local access to escalate privileges...

5.3CVSS5.5AI score0.00447EPSS
Exploits0References5
OSV
OSV
added 2017/07/10 8:29 p.m.5 views

CVE-2017-6735

A vulnerability in the backup and restore functionality of Cisco FireSIGHT System Software could allow an authenticated, local attacker to execute arbitrary code on a targeted system. More Information: CSCvc91092. Known Affected Releases: 6.2.0 6.2.1...

6.7CVSS6.1AI score0.0042EPSS
Exploits0References3
OSV
OSV
added 2017/07/10 8:29 p.m.5 views

CVE-2017-6732

A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. More Information: CSCvd47343. Known Affected Releases: 4.22.1PP1 4.23.0PP6 4.30.0PP4 4.31.0PP2. Known Fixed Releases: 4.32...

6.7CVSS5.8AI score0.00313EPSS
Exploits0References2
CNVD
CNVD
added 2017/07/10 12:0 a.m.4 views

Cisco Prime Network Local Elevation of Privilege Vulnerability

Cisco Prime Network is an integrated component of the Cisco Prime for IP NGN suite and a standalone product. A security vulnerability in the installation process of Cisco Prime Network Software allows an authenticated local attacker to elevate to root privileges...

7.2CVSS6.6AI score0.00313EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/10 12:0 a.m.4 views

Cisco FireSIGHT System Software Arbitrary Code Execution Vulnerability

Cisco FireSIGHT Management Center enables centralized management of network security and operational functions for Cisco ASA with FirePOWER Services and Cisco FirePOWER devices. A security vulnerability exists in the Cisco FireSIGHT System Software in the backup and restore functions, which arise...

7.2CVSS7.5AI score0.0042EPSS
Exploits0References1
OSV
OSV
added 2017/07/04 12:29 a.m.1 views

CVE-2017-6718

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges to the root level. More Information: CSCvb99384. Known Affected Releases: 6.2.1.BASE. Known Fixed Releases: 6.2.11.3i.ROUT 6.2.1.29i.ROUT 6.2.1.26i.ROUT...

6.7CVSS5.8AI score
Exploits0References3
OSV
OSV
added 2017/07/04 12:29 a.m.2 views

CVE-2017-6705

A vulnerability in the filesystem of the Cisco Prime Collaboration Provisioning tool could allow an authenticated, local attacker to acquire sensitive information. More Information: CSCvc82973. Known Affected Releases: 12.1...

5.5CVSS5.8AI score0.00351EPSS
Exploits0References3
OSV
OSV
added 2017/07/04 12:29 a.m.6 views

CVE-2017-6719

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands on the host operating system with root privileges, aka Command Injection. More Information: CSCvb99406. Known Affected Releases: 6.2.1.BASE. Known Fixed Releases:...

6.7CVSS6AI score0.00712EPSS
Exploits0References3
CNVD
CNVD
added 2017/06/26 12:0 a.m.3 views

Cisco IOS XR Software Local Command Injection Vulnerability

Cisco IOS is the interconnected Internet operating system used on most Cisco Systems routers and network switches. Cisco IOS XR Software has a security vulnerability in the CLI implementation, where an authenticated local attacker can execute arbitrary commands with root privileges on the host...

7.2CVSS7.3AI score0.00712EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/26 12:0 a.m.3 views

Cisco Prime Collaboration Provisioning Tool Local Information Disclosure Vulnerability

Cisco Prime Collaboration is a comprehensive video and voice service assurance and management system. A security vulnerability exists in the file system in the Cisco Prime Collaboration Provisioning tool where an authenticated local attacker obtains sensitive information...

5.5CVSS6.5AI score0.00351EPSS
Exploits0References1
OSV
OSV
added 2017/06/13 6:29 a.m.6 views

CVE-2017-6696

A vulnerability in the file system of Cisco Elastic Services Controllers could allow an authenticated, local attacker to gain access to sensitive user credentials that are stored in an affected system. More Information: CSCvd73677. Known Affected Releases: 2.32...

5.5CVSS5.8AI score0.00307EPSS
Exploits0References2
OSV
OSV
added 2017/06/13 6:29 a.m.7 views

CVE-2017-6695

A vulnerability in the ConfD server in Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive information. More Information: CSCvd29398. Known Affected Releases: 21.0.v0.65839...

5.5CVSS5.8AI score0.00307EPSS
Exploits0References2
OSV
OSV
added 2017/04/07 5:59 p.m.3 views

CVE-2017-6598

A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System UCS Manager, Cisco Firepower 4100 Series Next-Generation Firewall NGFW, and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands, aka Privilege...

6.7CVSS6AI score0.00399EPSS
Exploits0References3
Rows per page
Query Builder