11 matches found
EUVD-2020-24423
Malware in sbrugna...
EUVD-2021-6611
Malicious code in bioql PyPI...
The vulnerability of the password change interface of the Cisco Connected Mobile Experiences (CMX) software allows a hacker to bypass security mechanisms.
The vulnerability of the Cisco Connected Mobile Experiences CMX password change interface is related to deficiencies in the management of registration data. Exploiting this vulnerability could allow a malicious actor to bypass security measures through a specially created API request...
Cisco Connected Mobile Experiences Strong Authentication Requirements Enforcement Bypass
A vulnerability in the change password API of Cisco Connected Mobile Experiences CMX could allow an authenticated, remote attacker to alter their own password to a value that does not comply with the strong authentication requirements that are configured on an affected device. This vulnerability...
The vulnerability of the Cisco Connected Mobile Experiences software, related to authentication errors, allows a perpetrator to elevate their privileges and gain unauthorized access to protected information.
The vulnerability of the Cisco Connected Mobile Experiences software relates to authentication errors. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain unauthorized access to protected information...
Cisco Connected Mobile Experiences User Enumeration Vulnerability
Cisco Connected Mobile Experiences CMX is an intelligent Wi-Fi solution that uses the Cisco wireless infrastructure to provide location services and location analytics to consumers' mobile devices. A user enumeration vulnerability exists in API authorization for Cisco Connected Mobile Experiences...
PT-2021-1645 · Cisco · Cisco Connected Mobile Experiences
Name of the Vulnerable Software and Affected Versions: Cisco Connected Mobile Experiences CMX affected versions not specified Description: The issue is related to a lack of authorization checks for certain API GET requests, which could allow an authenticated, remote attacker to enumerate users on...
CVE-2020-3151
A vulnerability in the CLI of Cisco Connected Mobile Experiences CMX could allow an authenticated, local attacker with administrative credentials to bypass restrictions on the CLI. The vulnerability is due to insufficient security mechanisms in the restricted shell implementation. An attacker cou...
CVE-2020-3151 Cisco Connected Mobile Experiences Restricted Shell Escape Vulnerability
A vulnerability in the CLI of Cisco Connected Mobile Experiences CMX could allow an authenticated, local attacker with administrative credentials to bypass restrictions on the CLI. The vulnerability is due to insufficient security mechanisms in the restricted shell implementation. An attacker cou...
CVE-2019-1645
A vulnerability in the Cisco Connected Mobile Experiences CMX software could allow an unauthenticated, adjacent attacker to access sensitive data on an affected device. The vulnerability is due to a lack of input and validation checking mechanisms for certain GET requests to API's on an affected...
CVE-2019-1645
A vulnerability in the Cisco Connected Mobile Experiences CMX software could allow an unauthenticated, adjacent attacker to access sensitive data on an affected device. The vulnerability is due to a lack of input and validation checking mechanisms for certain GET requests to API's on an affected...