Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2021/09/14 12:0 a.m.47 views

Cisco Security Manager Java Deserialization (cisco-sa-csm-java-rce-mWJEedcD)

A remote code execution vulnerability exists in Cisco Security Manager due to insecure deserialization of user-supplied content. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands. Note that Nessus has not tested for this issue but has...

10CVSS9.6AI score0.87719EPSS
Exploits0References4
NCSC
NCSC
added 2020/11/18 12:0 a.m.5 views

Vulnerabilities fixed in Cisco Security Manager

Cisco has fixed multiple vulnerabilities in Cisco Security Manager. An unauthenticated remote malicious person could potentially exploit the vulnerabilities potentially exploit them to execute arbitrary code execute under SYSTEM privileges or to gain access to certain user credentials. For the...

10CVSS7.8AI score0.87719EPSS
Exploits0
NVD
NVD
added 2020/11/17 4:15 a.m.39 views

CVE-2020-27131

Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. These vulnerabilities are due to insecure deserialization of user-supplied content by the...

10CVSS9AI score0.87719EPSS
Exploits0References1
CVE
CVE
added 2020/11/17 3:10 a.m.112 views

CVE-2020-27131

Cisco Security Manager is affected by CVE-2020-27131 due to insecure Java deserialization of user-supplied content. An unauthenticated, remote attacker can send a malicious serialized Java object to a specific listener and execute arbitrary commands on the target device with SYSTEM privileges on ...

10CVSS9.5AI score0.87719EPSS
Exploits0References1Affected Software1
Check Point Advisories
Check Point Advisories
added 2020/11/17 12:0 a.m.30 views

Cisco Security Manager Remote Code Execution (CVE-2020-27131)

A remote code execution vulnerability exists in Cisco Security Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS4.9AI score0.87719EPSS
Exploits0
Rows per page
Query Builder