233 matches found
Design/Logic Flaw
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1138
CVE-2021-1138 affects Cisco Smart Software Manager Satellite web UI. A command-injection vulnerability stems from insufficient input validation in the Satellite web interface, enabling an unauthenticated, remote attacker to execute arbitrary commands on the underlying OS. Impact is remote code ex...
CVE-2021-1139
Cisco CVE-2021-1139 affects the Web UI of Cisco Smart Software Manager Satellite. The vulnerabilities stem from insufficient input validation in the Satellite web interface, allowing an unauthenticated, remote attacker to execute arbitrary commands on the underlying OS. Public sources in the conn...
CVE-2021-1139 Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1139 Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1140 Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1140 Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1140
CVE-2021-1140 is linked to Cisco Smart Software Manager Satellite Web UI command-injection vulnerabilities. Connected sources confirm unauthenticated remote command execution via the Satellite web interface, due to insufficient input validation, affecting Satellite releases 5.1.0 and earlier. Rem...
CVE-2021-1141
Cisco Smart Software Manager Satellite Web UI has a command-injection vulnerability that allows an unauthenticated, remote attacker to execute arbitrary OS commands. Multiple sources (CVE-2021-1141, CNVD-2021-09934, CNVD-derived entries, and the Cisco advisory) confirm web UI input-validation wea...
CVE-2021-1141 Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1142
CVE-2021-1142 affects Cisco Smart Software Manager Satellite Web UI. Affected: Satellite 5.1.0 and earlier. Root cause: insufficient input validation in the web UI enabling command injection. Impact: unauthenticated, remote attacker could execute arbitrary OS commands. Remediation: Cisco advisory...
CVE-2021-1142 Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1142 Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1218 Cisco Smart Software Manager Satellite Open Redirect Vulnerability
A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an...
CVE-2021-1218
Cisco Smart Software Manager Satellite's web management interface is affected by an open redirect vulnerability due to improper input validation of URL parameters in an HTTP request. An authenticated, remote attacker could craft a request to redirect a user to a malicious website. Cisco reports t...
CVE-2021-1218 Cisco Smart Software Manager Satellite Open Redirect Vulnerability
A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an...
CVE-2021-1219 Cisco Smart Software Manager Satellite Static Credential Vulnerability
A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this...
CVE-2021-1219
Cisco Smart Software Manager Satellite (CSSM) contains a local, authenticated vulnerability due to insufficient protection of static credentials. The issue enables an authenticated, local attacker to view static credentials stored on the device, potentially facilitating further compromise. Affect...
CVE-2021-1219 Cisco Smart Software Manager Satellite Static Credential Vulnerability
A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this...
CVE-2021-1222 Cisco Smart Software Manager Satellite SQL Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Smart Software Manager Satellite could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates values...