4936 matches found
CVE-2020-3519 Cisco Data Center Network Manager Path Traversal Vulnerability
A vulnerability in a specific REST API method of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attack...
CVE-2020-3521
CVE-2020-3521 affects Cisco Data Center Network Manager (DCNM) REST API. The issue is an input-validation weakness in the API, allowing an authenticated, low-privileged attacker to perform directory/path traversal and read arbitrary files on the device. Documented in multiple sources, Cisco has r...
CVE-2020-3521 Cisco Data Center Network Manager Read File Path Traversal Vulnerability
A vulnerability in a specific REST API of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attacker...
Cisco Data Center Network Manager Multiple Vulnerabilities (Aug 2020)
According to its self-reported version, Cisco Data Center Network Manager is affected by multiple vulnerabilities. - A vulnerability in a specific REST API of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an...
Atlassian Jira 7.6.x < 8.5.4, 8.6.x < 8.7.1 Stored XSS (JRASERVER-70814)
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.6.x prior to 8.5.4 or 8.6.x prior to 8.7.1. It is, therefore, affected by a stored cross-site scripting XSS vulnerability in the REST API component. An authenticated, remote...
Cisco Data Center Network Manager Path Traversal Vulnerability
A vulnerability in a certain REST API endpoint of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. The vulnerability is due to insufficient path restriction enforcement. An attacker could exploi...
Cisco Data Center Network Manager Path Traversal Vulnerability
A vulnerability in a specific REST API method of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attack...
Cisco Data Center Network Manager Read File Path Traversal Vulnerability
A vulnerability in a specific REST API of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attacker...
CVE-2020-16168
Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors...
Input validation
Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors...
CVE-2020-16168
CVE-2020-16168 (temi Robox OS <120 and Android app
CVE-2020-16168
Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors...
com.alipay.sofa:tracer-sofa-boot-starter (>=3.1.0 <=3.1.2), com.pleosoft:pleosoft-spring-boot-starter (=1.0.5-RELEASE) +40 more potentially affected by CVE-2020-5413 via org.springframework.integration:spring-integration-core (>=5.1.0.RELEASE <=5.1.11.RELEASE)
org.springframework.integration:spring-integration-core MAVEN version =5.1.0.RELEASE, =3.1.0, =0.2.0.RELEASE, =2.23.0, =2.23.0, =2.1.0.RELEASE, =5.1.0.RELEASE, =5.1.0.RELEASE, =5.1.0.RELEASE, =5.1.0.RELEASE, =5.1.0.RELEASE, =5.1.0.RELEASE, =5.1.11.RELEASE - org.springframework.integration:spring...
Update Rollup 2 for System Center Operations Manager 2019 (KB4558752)
Update Rollup 2 for System Center Operations Manager 2019 KB4558752 Introduction This article describes the new features and issues that are fixed in System Center Operations Manager 2019 Update Rollup 2. This article also contains the installation instructions for this update.For the list of...
CVE-2020-3386
A vulnerability in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with a low-privileged account to bypass authorization on the API of an affected device. The vulnerability is due to insufficient authorization of certain API functions...
CVE-2020-3384
A vulnerability in specific REST API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system with the privileges of the logged-in user. The vulnerability is due to insufficient validation of...
CVE-2020-3382
A vulnerability in the REST API of Cisco Data Center Network Manager DCNM could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability exists because different installations share a...
CVE-2020-3382
A vulnerability in the REST API of Cisco Data Center Network Manager DCNM could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability exists because different installations share a...
Authorization
A vulnerability in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with a low-privileged account to bypass authorization on the API of an affected device. The vulnerability is due to insufficient authorization of certain API functions...
Authentication flaw
A vulnerability in the REST API of Cisco Data Center Network Manager DCNM could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability exists because different installations share a...