15 matches found
PT-2026-3788
Name of the Vulnerable Software and Affected Versions Cisco Intersight Virtual Appliance affected versions not specified Description A flaw exists in the read-only maintenance shell of the appliance that may allow a local attacker with administrative privileges to gain root access. This is caused...
The vulnerability of the web interface of the Cisco Intersight Virtual Appliance, a software tool for managing cloud systems, allows a perpetrator to execute arbitrary commands.
The vulnerability of the web interface for managing Cisco Intersight Virtual Appliance software lies in insufficient validation of input data during the extraction of loaded software packages. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
CVE-2023-20237
A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible. This vulnerability is due to insufficient restrictions on internally accessible http proxies. An attacker could exploit this...
PT-2023-4616 · Cisco · Cisco Intersight Virtual Appliance
Name of the Vulnerable Software and Affected Versions: Cisco Intersight Virtual Appliance affected versions not specified Description: A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise...
The vulnerability of the Cisco Intersight Virtual Appliance, a software tool for managing cloud systems, related to access control deficiencies, allows an attacker to gain access to confidential internal services through an external interface.
The vulnerability of the Cisco Intersight Virtual Appliance, a software tool for managing cloud systems, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to confidential internal services through an external...
CVE-2021-1617
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An...
CVE-2021-1617
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An...
CVE-2021-1600
Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. These vulnerabilities are due to insufficient restrictions for IPv4 or IPv6 packets that are received on the external...
CVE-2021-1618
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An...
CVE-2021-1618
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An...
Path traversal
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An...
CVE-2021-1618 Cisco Intersight Virtual Appliance Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An...
Cisco Releases Security Updates
Cisco has released security updates to address multiple vulnerabilities in Intersight Virtual Appliance. An attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA...
PT-2021-3642 · Cisco · Cisco Intersight Virtual Appliance
Name of the Vulnerable Software and Affected Versions: Cisco Intersight Virtual Appliance affected versions not specified Description: The issue is due to insufficient input validation in the web-based management interface of Cisco Intersight Virtual Appliance, allowing an authenticated, remote...
PT-2021-3792 · Cisco · Cisco Intersight Virtual Appliance
Name of the Vulnerable Software and Affected Versions: Cisco Intersight Virtual Appliance affected versions not specified Description: The issue is due to insufficient input validation in the web-based management interface of Cisco Intersight Virtual Appliance, allowing an authenticated, remote...