Lucene search
K

223 matches found

ThreatPost
ThreatPost
added 2020/02/20 5:29 p.m.89 views

Critical Cisco Bug Opens Software Licencing Manager to Remote Attack

A critical flaw in the High Availability HA service of Cisco Smart Software Manager On-Prem Base has been uncovered, which would open the door to remote attackers thanks to its use of a static, default password, even if the platform isn’t directly connected to the internet. Cisco Smart Software...

8.8CVSS0.8AI score0.0552EPSS
Exploits1References11
ATTACKERKB
ATTACKERKB
added 2020/02/20 12:0 a.m.27 views

CVE-2020-3158

A vulnerability in the High Availability HA service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password...

9.8CVSS0.3AI score0.02582EPSS
Exploits0References2
CISA
CISA
added 2020/02/20 12:0 a.m.10 views

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. The...

7.2AI score
Exploits0References8
OSV
OSV
added 2020/02/19 8:15 p.m.3 views

CVE-2020-3158

A vulnerability in the High Availability HA service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password...

9.1CVSS7.3AI score0.02582EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/02/19 7:15 p.m.19 views

CVE-2020-3158 Cisco Smart Software Manager On-Prem Static Default Credential Vulnerability

A vulnerability in the High Availability HA service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password...

9.8CVSS9.4AI score0.02582EPSS
Exploits0References1
CVE
CVE
added 2020/02/19 7:15 p.m.76 views

CVE-2020-3158

Cisco Smart Software Manager On-Prem HA service contains a default, static password for a system account not controlled by the admin, enabling unauthenticated remote access to a sensitive part of the system with high privileges. Successful exploits could grant read/write access to system data, in...

9.8CVSS9.4AI score0.02582EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2020/02/19 4:0 p.m.16 views

Cisco Smart Software Manager On-Prem Static Default Credential Vulnerability

A vulnerability in the High Availability HA service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password...

9.8CVSS9.5AI score0.02582EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/01/29 12:0 a.m.3 views

The vulnerability of the API interface of the Cisco Smart Software Manager On-Prem administration license management software allows a perpetrator to trigger a service failure.

The vulnerability of the API interface of the Cisco Smart Software Manager On-Prem administration license software exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

8.5CVSS7.5AI score0.01073EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/01/26 5:15 a.m.6 views

CVE-2019-16029

A vulnerability in the application programming interface API of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service DoS condition of the web interface. The...

9.1CVSS7.3AI score0.01073EPSS
Exploits0References1
NVD
NVD
added 2020/01/26 5:15 a.m.15 views

CVE-2019-16029

A vulnerability in the application programming interface API of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service DoS condition of the web interface. The...

9.1CVSS8.4AI score0.01073EPSS
Exploits0References1
CVE
CVE
added 2020/01/26 4:31 a.m.109 views

CVE-2019-16029

CVE-2019-16029 describes a vulnerability in the API of Cisco Smart Software Manager On-Prem Web Interface where an unauthenticated attacker can send crafted HTTP requests to exploit input validation flaws, potentially changing or corrupting user account information and causing a denial of service...

9.1CVSS8.4AI score0.01073EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/01/26 4:31 a.m.16 views

CVE-2019-16029 Cisco Smart Software Manager On-Prem Web Interface Denial of Service Vulnerability

A vulnerability in the application programming interface API of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service DoS condition of the web interface. The...

8.2CVSS9.1AI score0.01073EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/01/26 4:31 a.m.8 views

CVE-2019-16029 Cisco Smart Software Manager On-Prem Web Interface Denial of Service Vulnerability

A vulnerability in the application programming interface API of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service DoS condition of the web interface. The...

8.2CVSS7.2AI score0.01073EPSS
Exploits0References1
Cisco
Cisco
added 2020/01/22 4:0 p.m.26 views

Cisco Smart Software Manager On-Prem Web Interface Denial of Service Vulnerability

A vulnerability in the application programming interface API of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service DoS condition of the web interface. The...

8.2CVSS2AI score0.01073EPSS
Exploits0References1
0day.today
0day.today
added 2019/10/04 12:0 a.m.68 views

mintinstall 7.9.9 - Code Execution Exploit

Exploit for linux platform in category web applications Exploit Title: mintinstall aka Software Manager object injection Exploit Author: Andhrimnirr Vendor Homepage: https://www.linuxmint.com/ Software Link: mintinstall aka Software Manager Version: 7.9.9 Tested on: Linux Mint CVE : CVE-2019-1708...

6.8CVSS0.08204EPSS
Exploits5
exploitpack
exploitpack
added 2019/10/03 12:0 a.m.24 views

mintinstall 7.9.9 - Code Execution

mintinstall 7.9.9 - Code Execution Exploit Title: mintinstall aka Software Manager object injection Date: 10/02/2019 Exploit Author: Andhrimnirr Vendor Homepage: https://www.linuxmint.com/ Software Link: mintinstall aka Software Manager Version: 7.9.9 Tested on: Linux Mint CVE : CVE-2019-17080...

6.8CVSS0.1AI score0.08204EPSS
Exploits5
NVD
NVD
added 2019/10/02 1:15 p.m.18 views

CVE-2019-17080

mintinstall aka Software Manager 7.9.9 for Linux Mint allows code execution if a REVIEWSCACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports...

7.8CVSS7.8AI score0.08204EPSS
Exploits5References4
Cvelist
Cvelist
added 2019/10/02 12:17 p.m.23 views

CVE-2019-17080

mintinstall aka Software Manager 7.9.9 for Linux Mint allows code execution if a REVIEWSCACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports...

7.8AI score0.08204EPSS
Exploits5References4
OSV
OSV
added 2018/07/31 12:0 a.m.29 views

DLA-1454-1 network-manager-vpnc - security update

Bulletin has no description...

8.8CVSS7.4AI score0.05059EPSS
Exploits7
CNVD
CNVD
added 2016/07/17 12:0 a.m.4 views

Panda SM Manager for iOS Certificate Validation Bypass Vulnerability

Panda SM Manager for iOS is a suite of iOS-based software for managing and monitoring IT systems. Panda SM Manager for iOS fails to properly validate SSL certificates, allowing remote attackers to exploit this vulnerability to conduct man-in-the-middle attacks, impersonate a trusted server, and...

6.8AI score
Exploits0References1
Rows per page
Query Builder