Lucene search
K

106 matches found

CNNVD
CNNVD
added 2025/04/16 12:0 a.m.6 views

Cisco Secure Network Analytics 数据伪造问题漏洞

Cisco Secure Network Analytics is a network security solution designed to provide enterprise-wide network visibility and advanced threat detection and response capabilities. Cisco Secure Network Analytics is vulnerable to a data forgery issue, which can be exploited by a remote attacker to submit...

7.2CVSS7.5AI score0.00327EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.6 views

PT-2025-16790 · Cisco · Cisco Secure Network Analytics

Name of the Vulnerable Software and Affected Versions: Cisco Secure Network Analytics affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary command...

7.2CVSS7AI score0.00327EPSS
Exploits0References7
OSV
OSV
added 2024/11/15 4:15 p.m.6 views

CVE-2022-20663

A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability is due to insufficient...

6.1CVSS6AI score0.00472EPSS
Exploits0References1
NVD
NVD
added 2024/11/15 4:15 p.m.17 views

CVE-2022-20663

A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability is due to insufficient...

6.1CVSS0.00472EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/15 3:38 p.m.20 views

CVE-2022-20663 Secure Network Analytics Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability is due to insufficient...

6.1CVSS6.5AI score0.00472EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/15 3:38 p.m.42 views

CVE-2022-20663 Secure Network Analytics Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability is due to insufficient...

6.1CVSS0.00472EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/15 1:35 p.m.59 views

Security Bulletin: Multiple Eclipse Jetty Vulnerabilities Affect IBM Analytic Accelerator Framework for Communication Service Providers & IBM Customer and Network Analytics

Summary Eclipse Jetty is used in the solution's microservices bis, auth, analytics, cna as the engine of the HTTP server, underpinning APIs and UI. Several CVEs were found in the version used. These vulnerabilities are addressed. Vulnerability Details CVEID:CVE-2021-28169 DESCRIPTION: Eclipse Jet...

7.8CVSS6.5AI score0.99298EPSS
Exploits16Affected Software1
NCSC
NCSC
added 2023/07/19 12:0 a.m.11 views

Vulnerabilities fixed in Oracle Communications

Vulnerabilities have been fixed in Oracle Communications products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code executio...

9.8CVSS7.9AI score0.99615EPSS
Exploits59
CNVD
CNVD
added 2023/04/07 12:0 a.m.11 views

Cisco Secure Network Analytics Remote Code Execution Vulnerability (CNVD-2023-85955)

Cisco Secure Network Analytics Stealthwatch is a solution that supports cross-platform network streaming data collection. A remote code execution vulnerability exists in Cisco Secure Network Analytics, which can be exploited by an attacker to execute code on an affected device...

7.2CVSS8AI score0.00897EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/04/06 12:0 a.m.4 views

The vulnerability in the web interface of the Cisco Secure Network Analytics system, previously known as Cisco Stealthwatch Enterprise, allows a perpetrator to execute arbitrary commands.

The vulnerability in the web interface of the Cisco Secure Network Analytics system, previously known as Cisco Stealthwatch Enterprise, involves the restoration of unreliable data in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on behalf of an...

9CVSS8AI score0.01005EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/04/05 11:0 p.m.3 views

CVE-2023-20102

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...

8.8CVSS7.6AI score0.01005EPSS
Exploits0References2
OSV
OSV
added 2023/04/05 7:15 p.m.2 views

CVE-2023-20102

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...

8.8CVSS7.6AI score
Exploits0References1
NVD
NVD
added 2023/04/05 7:15 p.m.18 views

CVE-2023-20103

A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code as a root user on an affected device. This vulnerability is due to insufficient validation of user input to the web interface. An attacker could exploit this vulnerability by...

7.2CVSS6.2AI score0.00897EPSS
Exploits0References1
NVD
NVD
added 2023/04/05 7:15 p.m.12 views

CVE-2023-20102

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...

8.8CVSS8.8AI score0.01005EPSS
Exploits0References1
OSV
OSV
added 2023/04/05 7:15 p.m.7 views

CVE-2023-20103

A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code as a root user on an affected device. This vulnerability is due to insufficient validation of user input to the web interface. An attacker could exploit this vulnerability by...

7.2CVSS7.4AI score0.00897EPSS
Exploits0References1
Prion
Prion
added 2023/04/05 7:15 p.m.14 views

Input validation

A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code as a root user on an affected device. This vulnerability is due to insufficient validation of user input to the web interface. An attacker could exploit this vulnerability by...

5.8CVSS7.2AI score0.00897EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/04/05 7:15 p.m.12 views

Design/Logic Flaw

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...

6.5CVSS8.7AI score0.01005EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2023/04/05 4:0 p.m.34 views

Cisco Secure Network Analytics Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...

8.8CVSS8.8AI score0.01005EPSS
Exploits0References1
Cisco
Cisco
added 2023/04/05 4:0 p.m.32 views

Cisco Secure Network Analytics Remote Code Execution Vulnerability

A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code as a root user on an affected device. This vulnerability is due to insufficient validation of user input to the web interface. An attacker could exploit this vulnerability by...

4.9CVSS6.4AI score0.00897EPSS
Exploits0References1
CVE
CVE
added 2023/04/05 12:0 a.m.45 views

CVE-2023-20103

Cisco Secure Network Analytics (Stealthwatch) remote code execution (CVE-2023-20103) arises from insufficient validation of input on the web interface, enabling an authenticated attacker to upload a crafted file and execute code as root on an affected device. The attack requires valid Administrat...

7.2CVSS6.4AI score0.00897EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder