Lucene search
K

812 matches found

Prion
Prion
added 2017/05/22 1:29 a.m.18 views

Design/Logic Flaw

A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability exists because the affected software does not sufficiently protect sensitive data when...

5CVSS5.2AI score0.02663EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/05/22 1:0 a.m.46 views

CVE-2017-6646

CVE-2017-6646 affects Cisco Remote Expert Manager Software web interface (11.0.0). An unauthenticated remote attacker can access sensitive order information by sending crafted HTTP requests because the software does not sufficiently protect sensitive data in HTTP responses. The vulnerability is d...

5.3CVSS5.2AI score0.02663EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/05/18 7:0 p.m.26 views

CVE-2017-6621

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to insufficient protection of...

7.4AI score0.06174EPSS
Exploits0References3
Cisco
Cisco
added 2017/05/17 4:0 p.m.23 views

Cisco Remote Expert Manager Virtual Directory Information Disclosure Vulnerability

A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding t...

4.3CVSS5.3AI score0.02663EPSS
Exploits0References1
rapid7community
rapid7community
added 2017/05/10 3:4 p.m.41 views

IoT Security Testing Methodology

By Deral Heiland IoT - IoT Research Lead Rapid7 Nathan Sevier - Senior Consultant Rapid7 Chris Littlebury - Threat Assessment Manage Rapid7 End-to-end ecosystem methodology When examining IoT technology, the actionable testing focus and methodology is often applied solely to the embedded device...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/24 12:0 a.m.83 views

Flexispy

Flexispy. Papers exploit for Multiple platform / // / / /| |/ / / // \ / // / / / / / / / | / / / / / / / / / / / / / / / / / / | / / / // // / / / // //// //||//////// brought to you by / / / / / / // -/ \ / / // // / / |/ / // / /// // ./,/// ,/ // /, / // // / / / // / / ,/////,/ / /...

7.5AI score
Exploits0
OpenVAS
OpenVAS
added 2017/04/10 12:0 a.m.28 views

Cisco Prime Infrastructure Web Interface Information Disclosure Vulnerability (cisco-sa-20170405-cpi)

A vulnerability in the web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to access sensitive data. The attacker does not need administrator credentials and could use this information to conduct additional reconnaissance attacks. SPDX-FileCopyrightText: 2017...

6.5CVSS6.5AI score0.02078EPSS
Exploits0References1
NVD
NVD
added 2017/04/07 5:59 p.m.19 views

CVE-2017-3884

A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to access sensitive data. The attacker does not need administrator credentials and could use this information to conduct additional...

6.5CVSS6.3AI score0.02078EPSS
Exploits0References3
Prion
Prion
added 2017/04/07 5:59 p.m.20 views

Design/Logic Flaw

A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to access sensitive data. The attacker does not need administrator credentials and could use this information to conduct additional...

4CVSS6.3AI score0.02078EPSS
Exploits0References3Affected Software2
CVE
CVE
added 2017/04/07 5:0 p.m.57 views

CVE-2017-3884

The CVE-2017-3884 entry describes an information-disclosure vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager. An authenticated, remote attacker could access sensitive data without administrator credentials, enabling reconnaissan...

6.5CVSS6.3AI score0.02078EPSS
Exploits0References3Affected Software2
ThreatPost
ThreatPost
added 2017/03/31 7:0 a.m.15 views

Aviation-Related Phishing Campaigns Seeking Credentials

A wave of email-based phishing campaigns is targeting airline consumers with messages that contain malware that infects systems or links to spoofed airline websites that are personalized to trick victims into handing over personal or business credentials. “Over the past several weeks, we have see...

1.6AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2017/03/31 12:0 a.m.19 views

Common Files Detection

Scanner has detected common sensitive files on the remote web server. Web applications are often made up of multiple files and directories. It is possible that over time some files may become unreferenced unused by the web application and forgotten about by the administrator or developer. Because...

7.2AI score
Exploits0References5
The Hacker News
The Hacker News
added 2017/03/29 9:52 p.m.21 views

Widespread Email Scam Targets Github Developers with Dimnie Trojan

Open source developers who use the popular code-sharing site GitHub were put on alert after the discovery of a phishing email campaign that attempts to infect their computers with an advanced malware trojan. Dubbed Dimnie, the reconnaissance and espionage trojan has the ability to harvest...

7.6AI score
Exploits0
OpenVAS
OpenVAS
added 2017/01/19 12:0 a.m.19 views

Cisco IOx Software Information Disclosure Vulnerability (cisco-sa-20170118-ios)

A vulnerability in the web-based management interface of Cisco IOx Software could allow an unauthenticated, remote attacker to view confidential information that is displayed without authenticating to the device. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted...

5.3CVSS5.3AI score0.01584EPSS
Exploits0References1
Cisco
Cisco
added 2017/01/18 4:0 p.m.22 views

Cisco IOS and Cisco IOx Software Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco IOS and Cisco IOx Software could allow an unauthenticated, remote attacker to view confidential information that is displayed without authenticating to the device. The vulnerability is due to lack of proper input validation of the...

5.3CVSS5.1AI score0.01584EPSS
Exploits0References1
Cisco
Cisco
added 2016/12/07 4:0 p.m.25 views

Cisco Firepower Management Center Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center running FireSIGHT System software could allow an authenticated, remote attacker to view the Remote Storage Password. The vulnerability is due to improper masking of sensitive data in the HTTP response. An...

4CVSS6.5AI score0.02194EPSS
Exploits0References1
rapid7community
rapid7community
added 2016/12/05 6:28 p.m.8 views

Deception Technology: Can It Detect Intruders Earlier in their Attack Chain?

Every infosec conference is chatting about the Attack Chain, a visual mapping of the steps an intruder must take to breach a network. If you can detect traces of an attack earlier, you not only have more time to respond, but can stop the unauthorized access to monetizable data and its exfiltratio...

7.1AI score
Exploits0
n0where
n0where
added 2016/12/01 8:43 p.m.716 views

Windows Anti Recon Tool: SAMRi10

Windows Anti Recon Tool “SAMRi10” tool is a short PowerShell PS script which alters remote SAM access default permissions on Windows 10 & Windows Server 2016. This hardening process prevents attackers from easily getting some valuable recon information to move laterally within their victim’s...

2.3AI score
Exploits0References3
The Coalfire Blog
The Coalfire Blog
added 2016/10/27 10:4 a.m.14 views

Ghosts in the Bank

It was a dark night. A car pulled up in the parking space next to me and quickly extinguished his lights. I looked out the my window and saw the driver. He gave me a quick nod and we exited our cars. Opening the trunk I pulled out my tools for the night. A backpack full of trash bags, a flash...

0.2AI score
Exploits0
Cisco
Cisco
added 2016/10/05 4:0 p.m.20 views

Cisco Nexus 9000 Information Disclosure Vulnerability

A vulnerability in the internal iptables configuration for local interfaces on the Cisco Nexus 9000 Series Switch could allow an unauthenticated, remote attacker to access certain sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerabili...

5CVSS7.5AI score0.02359EPSS
Exploits0References1
Rows per page
Query Builder