23 matches found
Zimbra Warns of Critical Zero-Day Flaw in Email Software Amid Active Exploitation
Zimbra has warned of a critical zero-day security flaw in its email software that has come under active exploitation in the wild. "A security vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of your data has surfaced," the...
CVE-2022-20844
Cisco SD-AVC on Cisco vManage exposes a GUI authentication flaw that can be exploited remotely via a default static username/password, potentially exposing device names, logs, and DNS server IPs. Affected component is the Cisco SD-AVC GUI accessible on self-managed cloud or local server installat...
Cisco vManage 信任管理问题漏洞
Cisco vManage is a highly customizable dashboard from Cisco, Inc. that simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. Cisco vManage is vulnerable to a trust management issue. A remote attacker exploiting this vulnerability would be able to acces...
The vulnerability of the CLI component of the Cisco SD-WAN vManage centralized network management system allows a attacker to execute arbitrary commands.
The vulnerability of the CLI component in the Cisco SD-WAN vManage centralized network management system is related to insecure privilege management. Exploiting this vulnerability could allow an attacker to execute arbitrary commands using a specially created file...
The vulnerability of the History API component in the Cisco SD-WAN vManage network management system allows a attacker to disclose protected information.
The vulnerability of the History API component in the Cisco SD-WAN vManage network management system is related to errors in request processing. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...
The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious individual to gain unauthorized access to protected information.
The vulnerability of the vManage web interface of the Cisco SD-WAN software-defined network is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information by sending specially crafted requests...
CVE-2021-1535
A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the Cisco SD-WAN vManage Software must be in cluster mode. This...
CVE-2021-1284
A vulnerability in the web-based messaging service interface of Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to bypass authentication and authorization and modify the configuration of an affected system. To exploit this vulnerability, the attacker must be able t...
CVE-2021-1433
A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when the device processes traffic. An attacker could exploit this...
CVE-2021-1433 Cisco IOS XE SD-WAN Software vDaemon Buffer Overflow Vulnerability
A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when the device processes traffic. An attacker could exploit this...
CVE-2021-1433 Cisco IOS XE SD-WAN Software vDaemon Buffer Overflow Vulnerability
A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when the device processes traffic. An attacker could exploit this...
The vulnerability of the vDaemon service in the Cisco SD-WAN vManage centralized system allows a attacker to trigger a service failure.
The vulnerability of the vDaemon service in the Cisco SD-WAN vManage centralized network management system is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious individual to gain unauthorized access to protected information.
The vulnerability in the vManage web interface of the Cisco SD-WAN program-defined network is due to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
Cisco SD-WAN vMange Command Injection Vulnerability (CNVD-2021-05389)
Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. A command injection vulnerability exists in the Cisco SD-WAN vMange software. The vulnerability stems from the program not properly validati...
Cisco SD-WAN vManage Software 安全漏洞
Cisco SD-WAN Solution is a suite of network extension solutions from Cisco, of which vManage is the console. A Cypher query language injection vulnerability exists in the Web management interface of Cisco SD-WAN vManage versions prior to 20.3.2, which can be exploited by an attacker to obtain...
多款Cisco产品命令注入漏洞
Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. A command injection vulnerability exists in the Cisco SD-WAN vMange software. The vulnerability stems from the program not properly validati...
CVE-2020-27129
A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. The vulnerability is due to improper validation of commands to the remote management CLI of the...
Cisco SD-WAN vManage Software Cross-Site Scripting Vulnerability (CNVD-2020-57577)
Cisco SD-WAN vManage Software is a management software for SD-WAN Software Defined Wide Area Network solutions from Cisco. A cross-site scripting vulnerability exists in Cisco SD-WAN vManage Software. The vulnerability stems from a lack of proper validation of client data by the WEB application. ...
The vulnerability in the vManage web management interface of the Cisco SD-WAN programmable network allows a attacker to execute cross-site scripting (XSS) attacks.
The vulnerability in the vManage web management interface of the Cisco SD-WAN program-defined network is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting XSS attacks remotely...
CVE-2020-3437
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficient file scope limiting. An attacker could exploit this...