124 matches found
CVE-2021-1406 Cisco Unified Communications Manager Information Disclosure Vulnerability
A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper inclusion...
CVE-2021-1406 Cisco Unified Communications Manager Information Disclosure Vulnerability
A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper inclusion...
CVE-2021-1406
Cisco UC Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME) have an information disclosure vulnerability where downloadable files may inappropriately contain sensitive data. An authenticated attacker with elevated privileges can exploit via a targeted command sequence...
Cisco Unified Communications Manager 信息泄露漏洞
Cisco Unified Communications Manager is the powerful call processing component of the Cisco Unified Communications solution. It is a scalable, distributable, and highly available enterprise Voice over IP call processing solution.Cisco Unified Communications Manager Session Management Edition is t...
PT-2021-2561 · Cisco · Cisco Unified Communications Manager Session Management Edition +1
Name of the Vulnerable Software and Affected Versions: Cisco Unified Communications Manager versions affected versions not specified Cisco Unified Communications Manager Session Management Edition versions affected versions not specified Description: The issue is related to the improper inclusion...
Mimecast: SolarWinds Attackers Stole Source Code
Hackers who compromised Mimecast networks as part of the SolarWinds espionage campaign have swiped some of the security firm’s source code repositories, according to an update by the company. The email security firm initially reported that a certificate compromise in January was part of the...
CVE-2020-28929
Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 21.0.11 allows an unauthenticated attacker to remotely retrieve administrative hashed credentials via the maintenance/troubleshoot.php?download=1 URI...
Integer overflow
Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 21.0.11 allows an unauthenticated attacker to remotely retrieve administrative hashed credentials via the maintenance/troubleshoot.php?download=1 URI...
Plum Ik-401 Security Issue Vulnerability
The Plum Ik-401 is a 4G modem/router from Plum Germany for use in industrial environments. A security vulnerability exists in Plum IK-401 versions prior to 1.02, which can be exploited by an attacker accessing the device over the network to obtain a configuration file, including hashed credential...
CVE-2020-28946
An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker with network access to the device to obtain the configuration file, including hashed credential data. Successful exploitation could allow access to hashed credential data with a single...
CVE-2020-28946
An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker with network access to the device to obtain the configuration file, including hashed credential data. Successful exploitation could allow access to hashed credential data with a single...
CVE-2020-28946
An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker with network access to the device to obtain the configuration file, including hashed credential data. Successful exploitation could allow access to hashed credential data with a single...
CVE-2020-28946
The CVE-2020-28946 entry concerns Plum IK-401 devices with firmware prior to 1.02. The issue is an improper webserver configuration that, when the device is reachable over the network, allows unauthenticated retrieval of the configuration file, including hashed credential data, via a single GET r...
Plum Ik-401 访问控制错误漏洞
The Plum Ik-401 is a 4G modem/router from Plum Germany for use in industrial environments. A security vulnerability exists in Plum IK-401 versions prior to 1.02, which can be exploited by an attacker accessing the device over the network to obtain a configuration file, including hashed credential...
VMware Horizon View Client < 5.5.0 Information Disclosure (VMSA-2020-0024)
The version of VMware Horizon Client for Windows installed on the remote host is less than 5.5.0. It is, therefore, affected by an information disclosure vulnerability due to incorrect validation of user input. A malicious attacker with local privileges on the machine where Horizon Client for...
VMware Horizon Client for Windows Information Disclosure Vulnerability
VMware Horizon Client is a client application for connecting to VMware Horizon virtual desktops from VMware. An information disclosure vulnerability exists in VMware Horizon Client for Windows 5.x series versions prior to 5.5.0, which can be exploited by an attacker to retrieve hashed credentials...
CVE-2020-3998
VMware Horizon Client for Windows 5.x prior to 5.5.0 contains an information disclosure vulnerability. A malicious attacker with local privileges on the machine where Horizon Client for Windows is installed may be able to retrieve hashed credentials if the client crashes...
CVE-2020-3998
VMware Horizon Client for Windows 5.x prior to 5.5.0 contains an information disclosure vulnerability. A malicious attacker with local privileges on the machine where Horizon Client for Windows is installed may be able to retrieve hashed credentials if the client crashes...
CVE-2020-3998
VMware Horizon Client for Windows 5.x prior to 5.5.0 contains an information disclosure vulnerability. A malicious attacker with local privileges on the machine where Horizon Client for Windows is installed may be able to retrieve hashed credentials if the client crashes...
CVE-2020-9523
Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterprise server, affecting all version prior to 4.0 Patch Update 16, and version 5.0 Patch Update 6. The vulnerability could allow an attacker to transmit hashed credentials for the user account running t...