Lucene search
K

156 matches found

CNVD
CNVD
added 2019/07/19 12:0 a.m.5 views

Cisco FindIT Network Manager Static Credentials Vulnerability

Cisco FindIT Network Manager is a network management tool for deploying and maintaining Cisco 100 to 500 series switches, routers, and wireless access points. A static credentials vulnerability exists in the virtual machine VM image of Cisco FindIT Network Manager 1.1.4. The vulnerability stems...

8.4CVSS7AI score0.00322EPSS
Exploits0References1
NVD
NVD
added 2019/07/17 9:15 p.m.22 views

CVE-2019-1919

A vulnerability in the Cisco FindIT Network Management Software virtual machine VM images could allow an unauthenticated, local attacker who has access to the VM console to log in to the device with a static account that has root privileges. The vulnerability is due to the presence of an account...

8.4CVSS8.3AI score0.00322EPSS
Exploits0References2
Prion
Prion
added 2019/07/17 9:15 p.m.21 views

Design/Logic Flaw

A vulnerability in the Cisco FindIT Network Management Software virtual machine VM images could allow an unauthenticated, local attacker who has access to the VM console to log in to the device with a static account that has root privileges. The vulnerability is due to the presence of an account...

7.2CVSS7.5AI score0.00322EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2019/07/17 8:20 p.m.8 views

CVE-2019-1919 Cisco FindIT Network Management Software Static Credentials Vulnerability

A vulnerability in the Cisco FindIT Network Management Software virtual machine VM images could allow an unauthenticated, local attacker who has access to the VM console to log in to the device with a static account that has root privileges. The vulnerability is due to the presence of an account...

8.4CVSS6.8AI score0.00322EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/07/17 8:20 p.m.22 views

CVE-2019-1919 Cisco FindIT Network Management Software Static Credentials Vulnerability

A vulnerability in the Cisco FindIT Network Management Software virtual machine VM images could allow an unauthenticated, local attacker who has access to the VM console to log in to the device with a static account that has root privileges. The vulnerability is due to the presence of an account...

8.4CVSS8.3AI score0.00322EPSS
Exploits0References2
CISA
CISA
added 2019/07/17 12:0 a.m.9 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...

7.1AI score
Exploits0References4
Cvelist
Cvelist
added 2019/02/07 8:0 p.m.19 views

CVE-2019-1675 Cisco Aironet Active Sensor Static Credentials Vulnerability

A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the device. An attacker coul...

7.5CVSS7.7AI score0.02589EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2019/02/07 8:0 p.m.9 views

CVE-2019-1675 Cisco Aironet Active Sensor Static Credentials Vulnerability

A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the device. An attacker coul...

7.5CVSS7.1AI score0.02589EPSS
Exploits0References2
Cisco
Cisco
added 2019/02/06 4:0 p.m.65 views

Cisco Aironet Active Sensor Static Credentials Vulnerability

A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the device. An attacker coul...

7.5CVSS2.6AI score0.02589EPSS
Exploits0References1
Cisco
Cisco
added 2018/06/06 4:0 p.m.42 views

Cisco Wide Area Application Services Software Static SNMP Credentials Vulnerability

A vulnerability in the default configuration of the Simple Network Management Protocol SNMP feature of Cisco Wide Area Application Services WAAS Software could allow an unauthenticated, remote attacker to read data from an affected device via SNMP. The vulnerability is due to a hard-coded,...

5.3CVSS2.2AI score0.02396EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2018/05/17 3:0 a.m.10 views

CVE-2018-0222

A vulnerability in Cisco Digital Network Architecture DNA Center could allow an unauthenticated, remote attacker to log in to an affected system by using an administrative account that has default, static user credentials. The vulnerability is due to the presence of undocumented, static user...

7.9AI score0.0379EPSS
Exploits0References2
Cisco
Cisco
added 2018/05/16 4:0 p.m.49 views

Cisco Digital Network Architecture Center Static Credentials Vulnerability

A vulnerability in Cisco Digital Network Architecture DNA Center could allow an unauthenticated, remote attacker to log in to an affected system by using an administrative account that has default, static user credentials. The vulnerability is due to the presence of undocumented, static user...

10CVSS2.6AI score0.0379EPSS
Exploits0References1
OSV
OSV
added 2017/11/16 7:29 a.m.3 views

CVE-2017-12350

A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentials for an affected virtual...

8.2CVSS5.8AI score0.00349EPSS
Exploits1References3
Zero Day Initiative
Zero Day Initiative
added 2017/08/01 12:0 a.m.37 views

Dell EMC VNX Monitoring and Reporting Scheduler Static Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Dell EMC VNX Monitoring and Reporting. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9CVSS9.6AI score0.14024EPSS
Exploits0References1
NVD
NVD
added 2017/07/25 7:29 p.m.17 views

CVE-2017-6750

A vulnerability in AsyncOS for the Cisco Web Security Appliance WSA could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI, aka a Static Credentials...

7.5CVSS7.5AI score0.02652EPSS
Exploits0References3
Prion
Prion
added 2017/07/25 7:29 p.m.19 views

Cross site scripting

A vulnerability in AsyncOS for the Cisco Web Security Appliance WSA could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI, aka a Static Credentials...

5CVSS7.5AI score0.02652EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2017/07/25 7:29 p.m.1 views

CVE-2017-6750

A vulnerability in AsyncOS for the Cisco Web Security Appliance WSA could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI, aka a Static Credentials...

7.5CVSS5.8AI score0.02652EPSS
Exploits0References3
OSV
OSV
added 2017/07/06 12:29 a.m.5 views

CVE-2017-6713

A vulnerability in the Play Framework of Cisco Elastic Services Controller ESC could allow an unauthenticated, remote attacker to gain full access to the affected system. The vulnerability is due to static, default credentials for the Cisco ESC UI that are shared between installations. An attacke...

9.8CVSS5.8AI score0.02927EPSS
Exploits0References2
CVE
CVE
added 2017/07/06 12:0 a.m.46 views

CVE-2017-6713

CVE-2017-6713 affects Cisco Elastic Services Controller (ESC) where the Play Framework UI uses static, default credentials shared across installations. The root cause is these credentials enabling an unauthenticated attacker to generate an admin session token and gain full web UI access. Affected...

10CVSS9.5AI score0.02927EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/07/06 12:0 a.m.19 views

CVE-2017-6713

A vulnerability in the Play Framework of Cisco Elastic Services Controller ESC could allow an unauthenticated, remote attacker to gain full access to the affected system. The vulnerability is due to static, default credentials for the Cisco ESC UI that are shared between installations. An attacke...

9.6AI score0.02927EPSS
Exploits0References2
Rows per page
Query Builder