Lucene search
K

156 matches found

OSV
OSV
added 2020/11/17 3:15 a.m.7 views

CVE-2020-27125

A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by...

9.8CVSS7.3AI score0.01712EPSS
Exploits0References1
Prion
Prion
added 2020/11/17 3:15 a.m.19 views

Design/Logic Flaw

A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by...

5CVSS9.1AI score0.01712EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/11/17 3:10 a.m.18 views

CVE-2020-27125 Cisco Security Manager Static Credential Vulnerability

A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by...

7.4CVSS9.2AI score0.01712EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/11/17 3:10 a.m.7 views

CVE-2020-27125 Cisco Security Manager Static Credential Vulnerability

A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by...

7.4CVSS6.4AI score0.01712EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2020/11/16 11:0 p.m.3 views

CVE-2020-27125

A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by...

9.8CVSS5.5AI score0.01712EPSS
Exploits0References2
Cisco
Cisco
added 2020/11/16 11:0 p.m.61 views

Cisco Security Manager Static Credential Vulnerability

A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by...

7.4CVSS8.4AI score0.01712EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/11/16 12:0 a.m.7 views

Cisco Security Manager 输入验证错误漏洞

Cisco Security Manager CSM is a suite of enterprise-level management applications from Cisco that are used to configure firewall, VPN, and intrusion protection security services on Cisco network and security devices. A security vulnerability exists in Cisco Security Manager that stems from...

9.8CVSS7.3AI score0.01712EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/08/28 12:0 a.m.29 views

Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Static Credentials (cisco-sa-ios-iot-vds-cred-uPMp9zbY)

According to its self-reported version, IOS is affected by a server static credentials vulnerability. The vulnerability is due to the presence of weak, hard-coded credentials. An attacker could exploit this vulnerability by authenticating to the targeted device and then connecting to VDS through...

8.8CVSS7.9AI score0.00337EPSS
Exploits0References4
Prion
Prion
added 2020/07/29 6:15 p.m.13 views

Design/Logic Flaw

On Aspire-derived NEC PBXes, including all versions of SV8100 devices, a set of documented, static login credentials may be used to access the DIM interface...

7.5CVSS9.3AI score0.01101EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/07/16 5:20 p.m.8 views

CVE-2020-3180 Cisco SD-WAN Solution Software Static Credentials Vulnerability

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a user account with a...

8.4CVSS6.9AI score0.00284EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/07/16 5:20 p.m.26 views

CVE-2020-3180 Cisco SD-WAN Solution Software Static Credentials Vulnerability

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a user account with a...

8.4CVSS7.5AI score0.00284EPSS
Exploits0References1
OSV
OSV
added 2020/06/03 6:15 p.m.5 views

CVE-2020-3234

A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an authenticated but low-privileged, local attacker to log in to the Virtual...

8.8CVSS7.2AI score0.00337EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/06/03 5:55 p.m.23 views

CVE-2020-3234 Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Static Credentials Vulnerability

A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an authenticated but low-privileged, local attacker to log in to the Virtual...

8.8CVSS8.5AI score0.00337EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/06/03 5:55 p.m.10 views

CVE-2020-3234 Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Static Credentials Vulnerability

A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an authenticated but low-privileged, local attacker to log in to the Virtual...

8.8CVSS7.1AI score0.00337EPSS
Exploits0References1
Cisco
Cisco
added 2020/06/03 4:0 p.m.25 views

Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Static Credentials Vulnerability

A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an authenticated but low-privileged, local attacker to log in to the Virtual...

8.8CVSS8.6AI score0.00337EPSS
Exploits0References1
OSV
OSV
added 2020/01/23 5:15 p.m.6 views

CVE-2019-16153

A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow attackers to access the device database via the use of static credentials...

9.8CVSS7.3AI score0.0115EPSS
Exploits0References1
Prion
Prion
added 2020/01/23 5:15 p.m.19 views

Hardcoded credentials

A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow attackers to access the device database via the use of static credentials...

7.5CVSS9.3AI score0.0115EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2020/01/23 4:39 p.m.11 views

CVE-2019-16153

A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow attackers to access the device database via the use of static credentials...

7.3AI score0.0115EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/01/23 4:39 p.m.33 views

CVE-2019-16153

A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow attackers to access the device database via the use of static credentials...

9.5AI score0.0115EPSS
Exploits0References1
CNVD
CNVD
added 2020/01/03 12:0 a.m.2 views

Cisco Data Center Network Manager Authentication Bypass Vulnerability

Cisco Data Center Network Manager DCNM is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. An authentication bypass vulnerability exists in the Web management interface of...

9.8CVSS6.9AI score0.3811EPSS
Exploits5References1
Rows per page
Query Builder