Lucene search
K

87 matches found

Tenable Nessus
Tenable Nessus
added 2 days ago5 views

Cisco Catalyst Center Arbitrary File Read (cisco-sa-catc-file-read-wLH2vf8X)

The version of Cisco Catalyst Center formerly Cisco DNA Center installed on the remote host is affected by a vulnerability. - A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to...

7.5CVSS7.3AI score0.00756EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 5:16 p.m.7 views

CVE-2026-20191

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request...

7.5CVSS0.00756EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/01 4:27 p.m.31 views

CVE-2026-20191 Cisco Catalyst Center Arbitrary File Read Vulnerability

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request...

7.5CVSS0.00756EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 4:27 p.m.8 views

EUVD-2026-41078

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request...

7.5CVSS6AI score0.00756EPSS
Exploits0References1
Cisco
Cisco
added 2026/07/01 4:0 p.m.11 views

Cisco Catalyst Center Arbitrary File Read Vulnerability

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request...

7.5CVSS6AI score0.00756EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.7 views

PT-2026-54702

Name of the Vulnerable Software and Affected Versions Cisco Catalyst Center affected versions not specified Description Insufficient validation of user-supplied input allows an unauthenticated, remote attacker to read arbitrary files from a restricted container. This is achieved by sending a...

7.5CVSS6AI score0.00756EPSS
Exploits0References5
CNVD
CNVD
added 2025/11/28 12:0 a.m.5 views

Cisco Catalyst Center Operating System Command Injection Vulnerability

Cisco Catalyst Center Cisco DNA Center is a network management system from the American company Cisco. Cisco Catalyst Center Cisco DNA Center suffers from an operating system command injection vulnerability that stems from insufficient user input validation. An attacker could exploit this...

8.8CVSS5.8AI score0.00324EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/28 12:0 a.m.2 views

Cisco Catalyst Center Virtual Appliance Input Validation Error Vulnerability

Cisco Catalyst Center Virtual Appliance is a network controller and automated management platform from the American company Cisco Cisco. An input validation error vulnerability exists in the Cisco Catalyst Center Virtual Appliance that stems from improper validation of HTTP request parameters in...

4.7CVSS5.8AI score0.00215EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/28 12:0 a.m.3 views

Cisco Catalyst Center Virtual Appliance Access Control Error Vulnerability

Cisco Catalyst Center Virtual Appliance is a network controller and automated management platform from the American company Cisco Cisco. The Cisco Catalyst Center Virtual Appliance suffers from an Access Control Error vulnerability that stems from insufficient validation of user input. An attacke...

8.8CVSS6.8AI score0.00515EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/28 12:0 a.m.6 views

Cisco Catalyst Center Cross-Site Scripting Vulnerability

Cisco Catalyst Center Cisco DNA Center is a network management system from the American company Cisco. Cisco Catalyst Center suffers from a cross-site scripting vulnerability that stems from insufficient user input validation. An attacker could exploit the vulnerability to cause cross-site...

6.1CVSS5.3AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/14 4:55 p.m.6 views

CVE-2025-20346

A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials. This vulnerability is due to improper role-based access control RBAC. An attacker...

4.3CVSS6.9AI score0.00239EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/14 4:55 p.m.5 views

CVE-2025-20355

A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit...

4.7CVSS6.7AI score0.00215EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/14 4:55 p.m.5 views

CVE-2025-20349

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker...

8.8CVSS7.4AI score0.00324EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/14 4:55 p.m.4 views

CVE-2025-20353

A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user input. An...

6.1CVSS6.2AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/14 4:55 p.m.7 views

CVE-2025-20341

A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by...

8.8CVSS6.7AI score0.00515EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/13 6:31 p.m.7 views

EUVD-2025-175329

A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit...

4.7CVSS6.2AI score0.00215EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/13 6:31 p.m.4 views

EUVD-2025-175337

A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials. This vulnerability is due to improper role-based access control RBAC. An attacker...

4.3CVSS6.5AI score0.00239EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/13 6:31 p.m.5 views

EUVD-2025-175335

A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user input. An...

6.1CVSS5.7AI score0.00195EPSS
Exploits0References2
OSV
OSV
added 2025/11/13 5:15 p.m.3 views

CVE-2025-20353

A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user input. An...

6.1CVSS6AI score
Exploits0References1
NVD
NVD
added 2025/11/13 5:15 p.m.5 views

CVE-2025-20353

A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user input. An...

6.1CVSS0.00195EPSS
Exploits0References1
Rows per page
Query Builder