Lucene search
K

146 matches found

CNVD
CNVD
added 2021/01/21 12:0 a.m.5 views

Cisco SD-WAN vManage Information Disclosure Vulnerability

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco, of which vManage is the console. An information disclosure vulnerability exists in the CLI of Cisco SD-WAN vManage versions prior to 19.2.3, which can be exploited by an attacker to read database files from the underlying...

5.5CVSS6.1AI score0.00306EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/01/13 9:20 p.m.9 views

CVE-2021-1126 Cisco Firepower Management Center Information Disclosure Vulnerability

A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center FMC could allow an authenticated, local attacker to view credentials for a configured proxy server. The vulnerability is due to clear-text storage and weak permissions of related configuration files. A...

5.5CVSS6.5AI score0.00259EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2020/05/14 11:29 a.m.43 views

US Government Exposes North Korean Malware

US Cyber Command has uploaded North Korean malware samples to the VirusTotal aggregation repository, adding to the malware samples it uploaded in February. The first of the new malware variants, COPPERHEDGE, is described as a Remote Access Tool RAT "used by advanced persistent threat APT cyber...

1.8AI score
Exploits0
Palo Alto Networks
Palo Alto Networks
added 2019/03/20 9:20 p.m.170 views

Privilege Escalation in PAN-OS

Palo Alto Networks is aware of an integer overflow vulnerability in the Linux kernel's createelftables function. Ref PAN-105966, CVE-2018-14634 Successful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system. To successfully exploit this...

3.6AI score0.14806EPSS
Exploits6References1Affected Software1
Cvelist
Cvelist
added 2019/03/17 8:15 p.m.18 views

CVE-2018-20162

Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary commands as root...

9.9AI score0.04085EPSS
Exploits3References3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:50 p.m.20 views

Security Bulletin: Privilege escalation vulnerability affects IBM Security Guardium (CVE-2017-1122)

Summary IBM Security Guardium contains a vulnerability that could allow a local attacker with CLI access to inject arbitrary commands which would be executed as root. IBM Security Guardium has addressed this issue Vulnerability Details CVEID: CVE-2017-1122 DESCRIPTION: IBM Security Guardium...

7.4CVSS1.1AI score0.00333EPSS
Exploits0Affected Software1
Prion
Prion
added 2018/06/12 6:29 p.m.16 views

Design/Logic Flaw

An issue was discovered on Momentum Axel 720P 5.1.8 devices. There is Authenticated Custom Firmware Upgrade via DNS Hijacking. An authenticated root user with CLI access is able to remotely upgrade firmware to a custom image due to lack of SSL validation by changing the nameservers in...

2.1CVSS4.8AI score0.0035EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/10/13 5:0 p.m.58 views

CVE-2017-10613

CVE-2017-10613 affects Juniper Junos OS kernels where a loopback filter action command in a running configuration can be triggered by an attacker with CLI access and the ability to initiate remote sessions to the loopback interface, causing the kernel to hang. Affected Junos releases include 12.1...

5.5CVSS5.5AI score0.00307EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/04/20 9:0 p.m.21 views

CVE-2017-1122

IBM Security Guardium 8.2, 9.0, and 10.0 contains a vulnerability that could allow a local attacker with CLI access to inject arbitrary commands which would be executed as root. IBM X-Force ID: 121174...

7.2AI score0.00333EPSS
Exploits0References3
NVD
NVD
added 2016/10/06 10:59 a.m.15 views

CVE-2016-6434

Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370...

7.8CVSS7.2AI score0.00983EPSS
Exploits4References5
Prion
Prion
added 2016/10/06 10:59 a.m.15 views

Hardcoded credentials

Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370...

4.6CVSS6.1AI score0.00983EPSS
Exploits4References5Affected Software1
CVE
CVE
added 2016/10/06 10:0 a.m.65 views

CVE-2015-0721

Cisco NX-OS 4.0–7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices is affected by CVE-2015-0721, where remote authenticated users can bypass AAA restrictions and obtain privileged CLI access through crafted parameters during SS...

9CVSS7.3AI score0.01959EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/10/06 10:0 a.m.20 views

CVE-2016-6434

Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370...

7.2AI score0.00983EPSS
Exploits4References5
CVE
CVE
added 2016/10/06 10:0 a.m.65 views

CVE-2016-6434

Cisco Firepower Management Center 6.0.1 is affected by CVE-2016-6434 due to hard-coded MySQL credentials in the local database. The vulnerability enables an authenticated, local attacker with CLI access to obtain sensitive information, effectively bypassing authentication through a root MySQL acc...

7.8CVSS7AI score0.00983EPSS
Exploits4References5Affected Software1
Positive Technologies
Positive Technologies
added 2016/08/15 12:0 a.m.3 views

PT-2016-2535 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions prior to 8.41 Description: The issue is caused by a buffer overflow in the Cisco Adaptive Security Appliance software. It allows an authenticated, local attacker to potentially execute...

7.8CVSS8.7AI score0.22583EPSS
Exploits2References15
Palo Alto Networks
Palo Alto Networks
added 2016/07/14 12:0 a.m.23 views

Web Interface Privilege Escalation

Palo Alto Networks Panorama administrators have the ability to assign predefined permissions to users created on PAN-OS. A read-only user with CLI access could elevate web interface privileges. Ref. 88191...

6.8AI score
Exploits0Affected Software1
NVD
NVD
added 2016/07/03 1:59 a.m.22 views

CVE-2016-1394

Cisco Firepower System Software 6.0.0 through 6.1.0 has a hardcoded account, which allows remote attackers to obtain CLI access by leveraging knowledge of the password, aka Bug ID CSCuz56238...

8.6CVSS8.5AI score0.01012EPSS
Exploits0References2
Prion
Prion
added 2016/07/03 1:59 a.m.15 views

Hardcoded credentials

Cisco Firepower System Software 6.0.0 through 6.1.0 has a hardcoded account, which allows remote attackers to obtain CLI access by leveraging knowledge of the password, aka Bug ID CSCuz56238...

7.5CVSS7.1AI score0.01012EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2016/07/03 1:0 a.m.24 views

CVE-2016-1394

Cisco Firepower System Software 6.0.0 through 6.1.0 has a hardcoded account, which allows remote attackers to obtain CLI access by leveraging knowledge of the password, aka Bug ID CSCuz56238...

8.5AI score0.01012EPSS
Exploits0References2
CVE
CVE
added 2016/07/03 1:0 a.m.46 views

CVE-2016-1394

Cisco Firepower System Software versions 6.0.0–6.1.0 are affected by a hardcoded/default account that allows unauthenticated, remote CLI login by exploiting knowledge of the password (Bug CSCuz56238). The vulnerability stems from a default static password created during installation, enabling the...

8.6CVSS8.4AI score0.01012EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder