Lucene search
K

223 matches found

CISA
CISA
added 2021/01/21 12:0 a.m.19 views

Cisco Releases Advisories for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

7.6AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/01/20 9:47 p.m.67 views

Critical Cisco SD-WAN Bugs Allow RCE Attacks

Cisco is warning of multiple, critical vulnerabilities in its software-defined networking for wide-area networks SD-WAN solutions for business users. Cisco issued patches addressing eight buffer-overflow and command-injection SD-WAN vulnerabilities. The most serious of these flaws could be...

2.2AI score0.04383EPSS
Exploits0References9
OSV
OSV
added 2021/01/20 9:15 p.m.6 views

CVE-2021-1140

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...

9.8CVSS7.6AI score0.04383EPSS
Exploits0References1
NVD
NVD
added 2021/01/20 9:15 p.m.27 views

CVE-2021-1141

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...

9.8CVSS9.9AI score0.03964EPSS
Exploits0References1
NVD
NVD
added 2021/01/20 9:15 p.m.20 views

CVE-2021-1218

A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an...

5.4CVSS4.9AI score0.00564EPSS
Exploits0References1
NVD
NVD
added 2021/01/20 9:15 p.m.23 views

CVE-2021-1140

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...

10CVSS9.9AI score0.04383EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 9:15 p.m.4 views

CVE-2021-1142

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...

9.8CVSS7.6AI score0.04345EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 9:15 p.m.6 views

CVE-2021-1222

A vulnerability in the web-based management interface of Cisco Smart Software Manager Satellite could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates values...

8.1CVSS6.8AI score0.01247EPSS
Exploits0References1
NVD
NVD
added 2021/01/20 9:15 p.m.21 views

CVE-2021-1222

A vulnerability in the web-based management interface of Cisco Smart Software Manager Satellite could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates values...

8.1CVSS7.5AI score0.01247EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 9:15 p.m.5 views

CVE-2021-1219

A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this...

7.8CVSS7.1AI score0.00256EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 9:15 p.m.5 views

CVE-2021-1141

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...

8.8CVSS7.6AI score0.03964EPSS
Exploits0References1
NVD
NVD
added 2021/01/20 9:15 p.m.31 views

CVE-2021-1219

A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this...

7.8CVSS7.3AI score0.00256EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 9:15 p.m.7 views

CVE-2021-1138

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...

9.8CVSS6.1AI score0.04383EPSS
Exploits0References1
NVD
NVD
added 2021/01/20 9:15 p.m.22 views

CVE-2021-1138

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...

10CVSS9.9AI score0.04383EPSS
Exploits0References1
Prion
Prion
added 2021/01/20 9:15 p.m.24 views

Design/Logic Flaw

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...

10CVSS9.7AI score0.04383EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/01/20 9:15 p.m.17 views

Sql injection

A vulnerability in the web-based management interface of Cisco Smart Software Manager Satellite could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates values...

5.5CVSS8.2AI score0.01247EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/01/20 9:15 p.m.18 views

Design/Logic Flaw

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...

10CVSS9.7AI score0.04345EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/01/20 9:15 p.m.20 views

Design/Logic Flaw

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...

10CVSS9.7AI score0.04383EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/01/20 9:15 p.m.19 views

Input validation

A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an...

4.9CVSS5.4AI score0.00564EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/01/20 9:15 p.m.15 views

Design/Logic Flaw

A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this...

4.6CVSS7.2AI score0.00256EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder