23 matches found
EUVD-2013-1211
Malware in sbrugna...
EUVD-2013-1203
Malware in sbrugna...
EUVD-2020-24423
Malware in sbrugna...
EUVD-2021-6611
Malicious code in bioql PyPI...
CVE-2013-1171
Multiple cross-site scripting XSS vulnerabilities in the element-list implementation in Cisco Connected Grid Network Management System CG-NMS allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCue14517, CSCue38914, CSCue38884, CSCue38882,...
CVE-2013-1163
Multiple SQL injection vulnerabilities in the device-management implementation in Cisco Connected Grid Network Management System CG-NMS allow remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCue14553 and CSCue38746...
The vulnerability of the password change interface of the Cisco Connected Mobile Experiences (CMX) software allows a hacker to bypass security mechanisms.
The vulnerability of the Cisco Connected Mobile Experiences CMX password change interface is related to deficiencies in the management of registration data. Exploiting this vulnerability could allow a malicious actor to bypass security measures through a specially created API request...
Cisco Connected Mobile Experiences Strong Authentication Requirements Enforcement Bypass
A vulnerability in the change password API of Cisco Connected Mobile Experiences CMX could allow an authenticated, remote attacker to alter their own password to a value that does not comply with the strong authentication requirements that are configured on an affected device. This vulnerability...
The vulnerability of the Cisco Connected Mobile Experiences software, related to authentication errors, allows a perpetrator to elevate their privileges and gain unauthorized access to protected information.
The vulnerability of the Cisco Connected Mobile Experiences software relates to authentication errors. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain unauthorized access to protected information...
Cisco Connected Mobile Experiences User Enumeration Vulnerability
Cisco Connected Mobile Experiences CMX is an intelligent Wi-Fi solution that uses the Cisco wireless infrastructure to provide location services and location analytics to consumers' mobile devices. A user enumeration vulnerability exists in API authorization for Cisco Connected Mobile Experiences...
Cisco Connected Mobile Experiences Access Control Error Vulnerability
Cisco Connected Mobile Experiences is a connected mobile experience from Cisco USA. An access control error vulnerability exists in Cisco Connected Mobile Experiences that could allow a remote, authenticated attacker with no administrative privileges to change the password of any user on an...
CVE-2021-1143
A vulnerability in Cisco Connected Mobile Experiences CMX API authorizations could allow an authenticated, remote attacker to enumerate what users exist on the system. The vulnerability is due to a lack of authorization checks for certain API GET requests. An attacker could exploit this...
PT-2021-1645 · Cisco · Cisco Connected Mobile Experiences
Name of the Vulnerable Software and Affected Versions: Cisco Connected Mobile Experiences CMX affected versions not specified Description: The issue is related to a lack of authorization checks for certain API GET requests, which could allow an authenticated, remote attacker to enumerate users on...
CVE-2020-3151
A vulnerability in the CLI of Cisco Connected Mobile Experiences CMX could allow an authenticated, local attacker with administrative credentials to bypass restrictions on the CLI. The vulnerability is due to insufficient security mechanisms in the restricted shell implementation. An attacker cou...
CVE-2020-3152
A vulnerability in Cisco Connected Mobile Experiences CMX could allow an authenticated, local attacker with administrative credentials to execute arbitrary commands with root privileges. The vulnerability is due to improper user permissions that are configured by default on an affected system. An...
CVE-2020-3151 Cisco Connected Mobile Experiences Restricted Shell Escape Vulnerability
A vulnerability in the CLI of Cisco Connected Mobile Experiences CMX could allow an authenticated, local attacker with administrative credentials to bypass restrictions on the CLI. The vulnerability is due to insufficient security mechanisms in the restricted shell implementation. An attacker cou...
Cisco Connected Mobile Experiences Elevation of Privilege Vulnerability
Cisco Connected Mobile Experiences CMX is an intelligent Wi-Fi solution that uses the Cisco wireless infrastructure to provide location services and location analytics to consumers' mobile devices. An elevation of privilege vulnerability exists in Cisco Connected Mobile Experiences 10.6.0, 10.6.1...
The vulnerability of the Cisco Connected Mobile Experiences software lies in the lack of protection for operational data, which allows an attacker to gain access to protected information.
The vulnerability of the Cisco Connected Mobile Experiences software lies in the lack of protection for sensitive data. Exploiting this vulnerability could allow an attacker to gain access to protected information by sending HTTP GET requests to the vulnerable device...
CVE-2019-1645
A vulnerability in the Cisco Connected Mobile Experiences CMX software could allow an unauthenticated, adjacent attacker to access sensitive data on an affected device. The vulnerability is due to a lack of input and validation checking mechanisms for certain GET requests to API's on an affected...
CVE-2019-1645
A vulnerability in the Cisco Connected Mobile Experiences CMX software could allow an unauthenticated, adjacent attacker to access sensitive data on an affected device. The vulnerability is due to a lack of input and validation checking mechanisms for certain GET requests to API's on an affected...