223 matches found
Critical Cisco Bug Opens Software Licencing Manager to Remote Attack
A critical flaw in the High Availability HA service of Cisco Smart Software Manager On-Prem Base has been uncovered, which would open the door to remote attackers thanks to its use of a static, default password, even if the platform isn’t directly connected to the internet. Cisco Smart Software...
CVE-2020-3158
A vulnerability in the High Availability HA service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. The...
CVE-2020-3158
A vulnerability in the High Availability HA service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password...
CVE-2020-3158 Cisco Smart Software Manager On-Prem Static Default Credential Vulnerability
A vulnerability in the High Availability HA service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password...
CVE-2020-3158
Cisco Smart Software Manager On-Prem HA service contains a default, static password for a system account not controlled by the admin, enabling unauthenticated remote access to a sensitive part of the system with high privileges. Successful exploits could grant read/write access to system data, in...
Cisco Smart Software Manager On-Prem Static Default Credential Vulnerability
A vulnerability in the High Availability HA service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password...
The vulnerability of the API interface of the Cisco Smart Software Manager On-Prem administration license management software allows a perpetrator to trigger a service failure.
The vulnerability of the API interface of the Cisco Smart Software Manager On-Prem administration license software exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
CVE-2019-16029
A vulnerability in the application programming interface API of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service DoS condition of the web interface. The...
CVE-2019-16029
A vulnerability in the application programming interface API of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service DoS condition of the web interface. The...
CVE-2019-16029
CVE-2019-16029 describes a vulnerability in the API of Cisco Smart Software Manager On-Prem Web Interface where an unauthenticated attacker can send crafted HTTP requests to exploit input validation flaws, potentially changing or corrupting user account information and causing a denial of service...
CVE-2019-16029 Cisco Smart Software Manager On-Prem Web Interface Denial of Service Vulnerability
A vulnerability in the application programming interface API of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service DoS condition of the web interface. The...
CVE-2019-16029 Cisco Smart Software Manager On-Prem Web Interface Denial of Service Vulnerability
A vulnerability in the application programming interface API of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service DoS condition of the web interface. The...
Cisco Smart Software Manager On-Prem Web Interface Denial of Service Vulnerability
A vulnerability in the application programming interface API of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service DoS condition of the web interface. The...
mintinstall 7.9.9 - Code Execution Exploit
Exploit for linux platform in category web applications Exploit Title: mintinstall aka Software Manager object injection Exploit Author: Andhrimnirr Vendor Homepage: https://www.linuxmint.com/ Software Link: mintinstall aka Software Manager Version: 7.9.9 Tested on: Linux Mint CVE : CVE-2019-1708...
mintinstall 7.9.9 - Code Execution
mintinstall 7.9.9 - Code Execution Exploit Title: mintinstall aka Software Manager object injection Date: 10/02/2019 Exploit Author: Andhrimnirr Vendor Homepage: https://www.linuxmint.com/ Software Link: mintinstall aka Software Manager Version: 7.9.9 Tested on: Linux Mint CVE : CVE-2019-17080...
CVE-2019-17080
mintinstall aka Software Manager 7.9.9 for Linux Mint allows code execution if a REVIEWSCACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports...
CVE-2019-17080
mintinstall aka Software Manager 7.9.9 for Linux Mint allows code execution if a REVIEWSCACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports...
DLA-1454-1 network-manager-vpnc - security update
Bulletin has no description...
Panda SM Manager for iOS Certificate Validation Bypass Vulnerability
Panda SM Manager for iOS is a suite of iOS-based software for managing and monitoring IT systems. Panda SM Manager for iOS fails to properly validate SSL certificates, allowing remote attackers to exploit this vulnerability to conduct man-in-the-middle attacks, impersonate a trusted server, and...