233 matches found

The Hacker News
added 2024/07/18 6:1 a.m. · 60 views

Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager

Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem (Cisco SSM On-Prem) that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users. The vulnerability, tracked...

CVSS 10 · AI score 10 · EPSS 0.99994
Exploits 39

NVD
added 2024/07/17 5:15 p.m. · 94 views

CVE-2024-20419

A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process...

CVSS 10 · EPSS 0.80767
Exploits 3 · References 2

OSV
added 2024/07/17 5:15 p.m. · 7 views

CVE-2024-20419

A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process...

CVSS 10 · AI score 5.9 · EPSS 0.80767
Exploits 3 · References 2

Vulnrichment
added 2024/07/17 4:27 p.m. · 50 views

CVE-2024-20419

A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process...

CVSS 10 · AI score 7.8 · EPSS 0.80767
Exploits 3 · References 2

Cvelist
added 2024/07/17 4:27 p.m. · 41 views

CVE-2024-20419

A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process...

CVSS 10 · EPSS 0.80767
Exploits 3 · References 2

CVE
added 2024/07/17 4:27 p.m. · 275 views

CVE-2024-20419

Cisco SSM On-Prem (Cisco Smart Software Manager On‑Prem) suffers an authentication weakness in the password-change flow. Affected versions are reported as

CVSS 10 · AI score 7.6 · EPSS 0.80767
In wild · Exploits 3 · References 2 · Affected Software 1

Cisco
added 2024/07/17 4:0 p.m. · 49 views

Cisco Smart Software Manager On-Prem Password Change Vulnerability

A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process...

CVSS 10 · AI score 9.9 · EPSS 0.80767
Exploits 3 · References 1

GithubExploit
added 2023/07/16 10:53 a.m. · 585 views

Exploit for SQL Injection in Cisco Smart_Software_Manager_On-Prem

CVE-2023-20110 PoC script for CVE-2023-20110 -...

CVSS 6.5 · AI score 7 · EPSS 0.01152
Exploits 1

BDU FSTEC
added 2023/06/30 12:0 a.m. · 5 views

The vulnerability in the web interface of the Cisco Smart Software Manager On-Prem administrative tool allows a perpetrator to execute arbitrary SQL code.

The vulnerability of the web interface of the Cisco Smart Software Manager On-Prem administration tool is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary SQL code...

CVSS 6.8 · AI score 7.1 · EPSS 0.01152
Exploits 1 · References 3 · Affected Software 1

OSV
added 2023/05/18 3:15 a.m. · 5 views

CVE-2023-20110

A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validat...

CVSS 6.5 · AI score 6.7 · EPSS 0.01152
Exploits 1 · References 1

Prion
added 2023/05/18 3:15 a.m. · 21 views

SQL injection

A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validat...

CVSS 4 · AI score 6.6 · EPSS 0.01152
Exploits 1 · References 1 · Affected Software 1

Vulnrichment
added 2023/05/18 12:0 a.m. · 3 views

CVE-2023-20110 Cisco Smart Software Manager On-Prem SQL Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validat...

CVSS 6.5 · AI score 5.9 · EPSS 0.01152
Exploits 1 · References 1

Cvelist
added 2023/05/18 12:0 a.m. · 19 views

CVE-2023-20110 Cisco Smart Software Manager On-Prem SQL Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validat...

CVSS 6.5 · AI score 6.9 · EPSS 0.01152
Exploits 1 · References 1

CNNVD
added 2023/05/18 12:0 a.m. · 3 views

Cisco Smart Software Manager On-Prem SQL Injection Vulnerability

Cisco Smart Software Manager On-Prem (SSM On-Prem) is a Cisco component for Cisco product license management. Cisco Smart Software Manager On-Prem (SSM On-Prem) suffers from a SQL injection vulnerability that originates from the web-based management interface not adequately validating user input. An...

CVSS 6.5 · AI score 7.8 · EPSS 0.01152
Exploits 1 · References 4

CVE
added 2023/05/18 12:0 a.m. · 89 views

CVE-2023-20110

CVE-2023-20110 affects Cisco Smart Software Manager On-Prem (SSM On-Prem). The web-based management interface fails to validate input, enabling an authenticated, low-privilege remote attacker to perform SQL injection and read data from the underlying database. Cisco and CNVD entries confirm the v...

CVSS 6.5 · AI score 6.7 · EPSS 0.01152
Exploits 1 · References 1 · Affected Software 1

Cisco
added 2023/05/17 4:0 p.m. · 31 views

Cisco Smart Software Manager On-Prem SQL Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validat...

CVSS 6.5 · AI score 6.7 · EPSS 0.01152
Exploits 1 · References 1

BDU FSTEC
added 2022/11/02 12:0 a.m. · 6 views

The vulnerability in the web interface of the Cisco Smart Software Manager On-Prem software management tool relates to the lack of protection for operational data, allowing attackers to increase their privileges.

The vulnerability of the Web interface for managing Cisco Smart Software Manager On-Prem software solutions is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

CVSS 4.3 · AI score 5.4 · EPSS 0.00595
Exploits 0 · References 2 · Affected Software 1

CNVD
added 2022/10/11 12:0 a.m. · 25 views

Cisco Smart Software Manager On-Prem Elevation of Privilege Vulnerability

Cisco Smart Software Manager On-Prem (SSM On-Prem) is a component of Cisco for Cisco product license management. An elevation of privilege vulnerability exists in previous versions of Cisco Smart Software Manager On-Prem 8-202206, which stems from insufficient protection of sensitive user informatio...

CVSS 4.3 · AI score 4 · EPSS 0.00595
Exploits 0 · References 1

Cisco
added 2022/10/05 4:0 p.m. · 26 views

Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability

A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to inadequate protection of sensitive user information. An attacker could exploit this...

CVSS 4.3 · AI score 4.5 · EPSS 0.00595
Exploits 0 · References 1

Positive Technologies
added 2022/10/05 12:0 a.m. · 11 views

PT-2022-5297 · Cisco · Cisco Smart Software Manager On-Prem

Name of the Vulnerable Software and Affected Versions: Cisco Smart Software Manager On-Prem (affected versions not specified). Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker to elevate privileges on an affected system. This issue is d...

CVSS 4.3 · AI score 4.3 · EPSS 0.00595
Exploits 0 · References 7