Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-7323

Malware in sbrugna...

8CVSS7.1AI score0.00933EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-7322

Malware in sbrugna...

7.3CVSS6.9AI score0.02008EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-1291

Malware in sbrugna...

7.8CVSS7.7AI score0.00327EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/08/20 12:0 a.m.15 views

Cisco Energy Management Suite Default PostgreSQL Password Vulnerability

The version of Cisco Energy Management Suite installed on the remote host is prior to 5.2.3. It, therefore, potentially has a default password for the postgres account for the bundled PostgresSQL database. An unauthenticated, local attacker can exploit this to gain privileged or administrator...

7.8CVSS7.5AI score0.00327EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2018/12/13 12:0 a.m.6 views

The vulnerability in the web interface of the Cisco Energy Management Suite, related to incorrect restrictions on XML references to external objects (XXE), allows an attacker to disclose or modify sensitive information.

The vulnerability in the web interface of the Cisco Energy Management Suite relates to incorrect restrictions on XML references to external objects XXE. Exploiting this vulnerability could allow an attacker to disclose or modify sensitive information...

7.5CVSS6.9AI score0.02008EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2018/12/04 6:29 p.m.17 views

Design/Logic Flaw

A vulnerability in the configuration of a local database installed as part of the Cisco Energy Management Suite CEMS could allow an authenticated, local attacker to access and alter confidential data. The vulnerability is due to the installation of the PostgreSQL database with unchanged default...

4.6CVSS7.5AI score0.00327EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2018/12/04 6:29 p.m.15 views

CVE-2018-0468

A vulnerability in the configuration of a local database installed as part of the Cisco Energy Management Suite CEMS could allow an authenticated, local attacker to access and alter confidential data. The vulnerability is due to the installation of the PostgreSQL database with unchanged default...

7.8CVSS7.6AI score0.00327EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/12/04 6:0 p.m.28 views

CVE-2018-0468

A vulnerability in the configuration of a local database installed as part of the Cisco Energy Management Suite CEMS could allow an authenticated, local attacker to access and alter confidential data. The vulnerability is due to the installation of the PostgreSQL database with unchanged default...

7.6AI score0.00327EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2018/12/04 6:0 p.m.7 views

CVE-2018-0468

A vulnerability in the configuration of a local database installed as part of the Cisco Energy Management Suite CEMS could allow an authenticated, local attacker to access and alter confidential data. The vulnerability is due to the installation of the PostgreSQL database with unchanged default...

6.7AI score0.00327EPSS
Exploits0References3
Cisco
Cisco
added 2018/12/04 4:0 p.m.164 views

Cisco Energy Management Suite Default PostgreSQL Password Vulnerability

A vulnerability in the configuration of a local database installed as part of the Cisco Energy Management Suite CEMS could allow an authenticated, local attacker to access and alter confidential data. The vulnerability is due to the installation of the PostgreSQL database with unchanged default...

7.1CVSS0.2AI score0.00327EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2018/11/23 12:0 a.m.7 views

The vulnerability in the web interface of the Cisco Energy Management Suite allows a perpetrator to perform cross-site fraudulently.

The vulnerability of the Cisco Energy Management Suite’s web interface relates to the lack of authentication for HTTP requests. Exploiting this vulnerability allows a remote attacker to perform cross-site fraudulently, and to carry out arbitrary actions on the vulnerable device under the user’s...

9.3CVSS5.6AI score0.00933EPSS
Exploits1References7Affected Software1
Prion
Prion
added 2018/11/08 6:29 p.m.15 views

Cross site request forgery (csrf)

A vulnerability in the web-based management interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...

6CVSS7.8AI score0.00933EPSS
Exploits1References3
NVD
NVD
added 2018/11/08 6:29 p.m.10 views

CVE-2018-15445

A vulnerability in the web-based management interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...

8CVSS6.8AI score0.00933EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2018/11/08 6:0 p.m.7 views

CVE-2018-15444 Cisco Energy Management Suite XML External Entity Vulnerability

A vulnerability in the web-based user interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity XXE entri...

6.3CVSS6.6AI score0.02008EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2018/11/08 6:0 p.m.8 views

CVE-2018-15445 Cisco Energy Management Suite Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...

6.3CVSS7.2AI score0.00933EPSS
Exploits1References3
CNVD
CNVD
added 2018/11/08 12:0 a.m.3 views

Cisco Energy Management Suite XML External Entity Injection Vulnerability

Cisco Energy Management Suite is the United States Cisco Cisco company's set of energy management suite. The product is mainly used to manage network equipment such as energy management. An XML external entity injection vulnerability exists in the web-based user interface of the Cisco Energy...

7.3CVSS7.1AI score0.02008EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2018/11/08 12:0 a.m.42 views

Cisco Energy Management Suite Detection

Detection of Cisco Energy Management Suite. The script sends a connection request to the server and attempts to detect Cisco Energy Management Suite and to extract its version. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

7AI score
Exploits0References1
Rows per page
Query Builder