Lucene search
K

55 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-24790

Malware in sbrugna...

8.1CVSS5.8AI score0.00969EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-24809

Malware in sbrugna...

8.1CVSS5.8AI score0.00502EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.151 views

Cisco DCNM Auth Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'securerandom' require 'base64' class MetasploitModule 'Cisco DCNM auth bypass', 'Description' = %q This exploit is able to add an admin account to a Cisco DCNM...

10CVSS7AI score0.85649EPSS
Exploits7
Metasploit
Metasploit
added 2021/06/24 5:43 p.m.85 views

Cisco DCNM auth bypass

This exploit is able to add an admin account to a Cisco DCNM with credentials you can choose. After that, you can login to the web interface with those credentials. The only necessary condition is the more or less recent connection of an admin as this exploit uses a kind of session stealing. Modu...

10CVSS9.3AI score0.85649EPSS
Exploits7
NVD
NVD
added 2021/01/20 8:15 p.m.23 views

CVE-2021-1283

A vulnerability in the logging subsystem of Cisco Data Center Network Manager DCNM could allow an authenticated, local attacker to view sensitive information in a system log file that should be restricted. The vulnerability exists because sensitive information is not properly masked before it is...

5.5CVSS5.1AI score0.00284EPSS
Exploits0References1
NVD
NVD
added 2021/01/20 8:15 p.m.17 views

CVE-2021-1276

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM could allow an attacker to spoof a trusted host or construct a man-in-the-middle attack to extract sensitive information or alter certain API requests. These vulnerabilities are due to insufficient certificate validation when...

7.5CVSS7.4AI score0.00399EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 8:15 p.m.3 views

CVE-2021-1253

Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager DCNM could allow a remote attacker with network-operator privileges to conduct a cross-site scripting XSS attack or a reflected file download RFD attack against a user of the interface. For more...

5.4CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2021/01/20 8:15 p.m.17 views

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager DCNM could allow a remote attacker with network-operator privileges to conduct a cross-site scripting XSS attack or a reflected file download RFD attack against a user of the interface. For more...

3.5CVSS5.3AI score0.00614EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/01/20 8:15 p.m.20 views

Design/Logic Flaw

Multiple vulnerabilities in Cisco Data Center Network Manager DCNM could allow an attacker to spoof a trusted host or construct a man-in-the-middle attack to extract sensitive information or alter certain API requests. These vulnerabilities are due to insufficient certificate validation when...

5.8CVSS6.3AI score0.00399EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/08/26 5:15 p.m.16 views

CVE-2020-3522

A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to bypass authorization on an affected device and access sensitive information that is related to the device. The vulnerability exists because the...

6.5CVSS6.2AI score0.00805EPSS
Exploits0References1
Prion
Prion
added 2020/08/26 5:15 p.m.17 views

Path traversal

A vulnerability in a specific REST API method of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attack...

5.5CVSS7.9AI score0.00969EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/08/26 5:15 p.m.18 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability exists because the web-based management interface...

3.5CVSS5.3AI score0.00622EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2020/08/26 4:15 p.m.10 views

CVE-2020-3521 Cisco Data Center Network Manager Read File Path Traversal Vulnerability

A vulnerability in a specific REST API of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attacker...

5.3CVSS6.8AI score0.01787EPSS
Exploits0References1
NVD
NVD
added 2020/07/31 12:15 a.m.13 views

CVE-2020-3462

A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability is due to improper validation of user-submitted parameters. An attacker could...

6.5CVSS6.5AI score0.00741EPSS
Exploits0References1
OSV
OSV
added 2020/07/31 12:15 a.m.4 views

CVE-2020-3382

A vulnerability in the REST API of Cisco Data Center Network Manager DCNM could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability exists because different installations share a...

9.8CVSS6AI score0.02296EPSS
Exploits0References1
NVD
NVD
added 2020/07/31 12:15 a.m.13 views

CVE-2020-3461

A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. The vulnerability is due to missing authentication on a specific part of the web-based...

5.3CVSS5.2AI score0.01218EPSS
Exploits0References1
NVD
NVD
added 2020/07/31 12:15 a.m.14 views

CVE-2020-3384

A vulnerability in specific REST API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system with the privileges of the logged-in user. The vulnerability is due to insufficient validation of...

8.2CVSS8.2AI score0.0079EPSS
Exploits0References1
NVD
NVD
added 2020/07/31 12:15 a.m.23 views

CVE-2020-3376

A vulnerability in the Device Manager application of Cisco Data Center Network Manager DCNM could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions on an affected device. The vulnerability is due to a failure in the software to perform proper...

9.8CVSS8.9AI score0.01152EPSS
Exploits0References1
Prion
Prion
added 2020/07/31 12:15 a.m.22 views

Authorization

A vulnerability in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with a low-privileged account to bypass authorization on the API of an affected device. The vulnerability is due to insufficient authorization of certain API functions...

9CVSS8.5AI score0.02042EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/07/31 12:15 a.m.10 views

Authentication flaw

A vulnerability in the Device Manager application of Cisco Data Center Network Manager DCNM could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions on an affected device. The vulnerability is due to a failure in the software to perform proper...

7.5CVSS9.7AI score0.01152EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder