CVE-2026-20151

A vulnerability in the web interface of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to the improper transmission of sensitive user information. An attacker could exploit this...

CVE-2026-20151

Cisco Smart Software Manager On-Prem (SSM On-Prem) web interface vulnerability allows an authenticated remote user to elevate privileges from low to administrative due to improper transmission of sensitive user information. Exploitation requires valid credentials (role: System User); attacker can...

Cisco Smart Software Manager On-Prem 安全漏洞

Cisco Smart Software Manager On-Prem is a component developed by Cisco, Inc., used for managing licenses of Cisco products. Cisco Smart Software Manager On-Prem has a security vulnerability that arises from the unintentional exposure of internal services, which may allow unverified remote attacke...

CVE-2022-20939

A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to inadequate protection of sensitive user information. An attacker could exploit this...

Cisco Smart Software Manager On-Prem Password Change (cisco-sa-cssm-auth-sLw3uhUy)

According to its self-reported version, Cisco Smart Software Manager On-Prem Password Change is affected by a vulnerability. - A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an unauthenticated, remote attacker to change the password of...

CVE-2024-20419

A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process...

The vulnerability in the web interface of the Cisco Smart Software Manager On-Prem administrative tool allows a perpetrator to execute arbitrary SQL code.

The vulnerability of the web interface of the Cisco Smart Software Manager On-Prem administration tool is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary SQL code...

CVE-2023-20110

A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validat...

CVE-2023-20110

CVE-2023-20110 affects Cisco Smart Software Manager On-Prem (SSM On-Prem). The web-based management interface fails to validate input, enabling an authenticated, low-privilege remote attacker to perform SQL injection and read data from the underlying database. Cisco and CNVD entries confirm the v...

CVE-2022-20808 Cisco Smart Software Manager On-Prem Denial of Service Vulnerability

A vulnerability in Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to incorrect handling of multiple simultaneous device registrations on Cisco SSM On-Prem. A...

The vulnerability in the web interface of the Cisco Smart Software Manager On-Prem administration tool relates to insecure management of privileges. This allows an attacker to elevate their privileges and create, read, update, or delete records and settings.

The vulnerability of the web interface of the Cisco Smart Software Manager On-Prem administration tool is related to insecure management of privileges. Exploiting this vulnerability allows a malicious actor to enhance their privileges and create, read, update, or delete records and settings...

CVE-2021-34766

A vulnerability in the web UI of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to elevate privileges and create, read, update, or delete records and settings in multiple functions. This vulnerability is due to insufficient authorization of the Syst...

The vulnerability in the web interface of the Cisco Smart Software Manager On-Prem administration tool allows a perpetrator to execute arbitrary commands.

The vulnerability of the web interface of the Cisco Smart Software Manager On-Prem administration tool is related to insufficient validation of entered data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with elevated privileges remotely...

Cisco Critical Flaw Patched in WAN Software Solution

Cisco patched a critical flaw in its wide area network WAN software solution for enterprises, which if exploited could give remote, unauthenticated attackers administrator privileges. The flaw exists in Cisco Virtual Wide Area Application Services vWAAS, which is software that Cisco describes as ...

CVE-2019-16029

A vulnerability in the application programming interface API of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service DoS condition of the web interface. The...