223 matches found
CVE-2024-20419
A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process...
CVE-2024-20419
A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process...
Cisco Smart Software Manager On-Prem Password Change Vulnerability
A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process...
Exploit for SQL Injection in Cisco Smart_Software_Manager_On-Prem
CVE-2023-20110 PoC script for CVE-2023-20110 -...
Cisco Smart Software Manager On-Prem SQL Injection Vulnerability
Cisco Smart Software Manager On-Prem SSM On-Prem is a Cisco component for Cisco product license management. Cisco Smart Software Manager On-Prem SSM On-Prem suffers from a SQL injection vulnerability that originates from the web-based management interface not adequately validating user input. An...
Sql injection
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validat...
CVE-2023-20110 Cisco Smart Software Manager On-Prem SQL Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validat...
Cisco Smart Software Manager On-Prem SQL注入漏洞
Cisco Smart Software Manager On-Prem SSM On-Prem is a Cisco component for Cisco product license management. Cisco Smart Software Manager On-Prem SSM On-Prem suffers from a SQL injection vulnerability that originates from the web-based management interface not adequately validating user input. An...
CVE-2023-20110 Cisco Smart Software Manager On-Prem SQL Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validat...
CVE-2023-20110
CVE-2023-20110 affects Cisco Smart Software Manager On-Prem (SSM On-Prem). The web-based management interface fails to validate input, enabling an authenticated, low-privilege remote attacker to perform SQL injection and read data from the underlying database. Cisco and CNVD entries confirm the v...
Cisco Smart Software Manager On-Prem SQL Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validat...
The vulnerability in the web interface of the Cisco Smart Software Manager On-Prem software management tool relates to the lack of protection for operational data, allowing attackers to increase their privileges.
The vulnerability of the Web interface for managing Cisco Smart Software Manager On-Prem software solutions is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
CVE-2022-36439
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers running Windows allows a local user to write into the Temp directory and delete another more privileged file via SYSTEM privileges. This affects ASUS System Control Interface 3 before 3.1.5.0, AsusSoftwareManger.e...
CVE-2022-36439
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers running Windows allows a local user to write into the Temp directory and delete another more privileged file via SYSTEM privileges. This affects ASUS System Control Interface 3 before 3.1.5.0, AsusSoftwareManger.e...
Cisco Smart Software Manager On-Prem Elevation of Privilege Vulnerability
Cisco Smart Software Manager On-Prem SSM On-Prem is a component of Cisco for Cisco product license management.An elevation of privilege vulnerability exists in previous versions of Cisco Smart Software Manager On-Prem 8-202206, which stems from insufficient protection of sensitive user informatio...
Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to inadequate protection of sensitive user information. An attacker could exploit this...
Cisco Smart Software Manager On-Prem 安全漏洞
Cisco Smart Software Manager On-Prem SSM On-Prem is a component of Cisco for Cisco product license management.An elevation of privilege vulnerability exists in previous versions of Cisco Smart Software Manager On-Prem 8-202206, which stems from insufficient protection of sensitive user informatio...
PT-2022-5297 · Cisco · Cisco Smart Software Manager On-Prem
Name of the Vulnerable Software and Affected Versions: Cisco Smart Software Manager On-Prem affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker to elevate privileges on an affected system. This issue is d...
CVE-2022-36403
Untrusted search path vulnerability in the installer of Device Software Manager prior to Ver.2.20.3.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2022-36403
Untrusted search path vulnerability in the installer of Device Software Manager prior to Ver.2.20.3.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...