14 matches found
EUVD-2020-24647
Malware in sbrugna...
CVE-2020-3538
A vulnerability in a certain REST API endpoint of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. The vulnerability is due to insufficient path restriction enforcement. An attacker could exploi...
CVE-2021-1250
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager DCNM could allow a remote attacker with network-operator privileges to conduct a cross-site scripting XSS attack or a reflected file download RFD attack against a user of the interface. For more...
CVE-2021-1247
Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory...
Cisco Data Center Network Manager Authorization Bypass Vulnerability
Cisco Data Center Network Manager DCNM is a data center management system from Cisco. The system works with Cisco Nexus and MDS series switches and provides storage visualization, configuration and troubleshooting. An authorization issue vulnerability exists in the Web management interface in Cis...
CVE-2020-3354
A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability is due to insufficient inpu...
Cisco Data Center Network Manager elevation of privilege vulnerability (CNVD-2020-10705)
Cisco Data Center Network Manager DCNM is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. An elevation of privilege vulnerability exists in the REST API endpoint of Cisco...
The vulnerability of the SOAP API interface of the Cisco Data Center Network Manager system allows a attacker to execute arbitrary commands.
The vulnerability of the SOAP API interface of the Cisco Data Center Network Manager DCNM system exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on t...
The vulnerability of the REST API interface of the Cisco Data Center Network Manager system allows a attacker to perform arbitrary actions on the vulnerable device.
The vulnerability of the REST API interface of the Cisco Data Center Network Manager DCNM system is related to the use of pre-installed registration data. Exploiting this vulnerability allows a malicious actor to perform arbitrary actions on the vulnerable device remotely...
CVE-2019-15984
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DC...
Cisco Data Center Network Manager getVsanListForEnclosures SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Cisco Data Center Network Manager getAllVpcs SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Cisco Data Center Network Manager DbAdminRest saveLicenseFileToServer Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Security Bulletin: IBM API Connect is impacted by multiple open source software vulnerabilities.
Summary IBM API Connect has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-0268 DESCRIPTION: Microsoft Server Message Block 1.0 SMBv1 could allow a remote attacker to obtain sensitive information, caused by improper handling of incoming requests. By sending...