5 matches found
Cisco Security Manager Java Deserialization (cisco-sa-csm-java-rce-mWJEedcD)
A remote code execution vulnerability exists in Cisco Security Manager due to insecure deserialization of user-supplied content. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands. Note that Nessus has not tested for this issue but has...
Vulnerabilities fixed in Cisco Security Manager
Cisco has fixed multiple vulnerabilities in Cisco Security Manager. An unauthenticated remote malicious person could potentially exploit the vulnerabilities potentially exploit them to execute arbitrary code execute under SYSTEM privileges or to gain access to certain user credentials. For the...
CVE-2020-27131
Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. These vulnerabilities are due to insecure deserialization of user-supplied content by the...
CVE-2020-27131
Cisco Security Manager is affected by CVE-2020-27131 due to insecure Java deserialization of user-supplied content. An unauthenticated, remote attacker can send a malicious serialized Java object to a specific listener and execute arbitrary commands on the target device with SYSTEM privileges on ...
Cisco Security Manager Remote Code Execution (CVE-2020-27131)
A remote code execution vulnerability exists in Cisco Security Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...