62 matches found
CVE-2022-20949
A vulnerability in the management web server of Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an affected system. This vulnerability exists because access to HTTPS endpoints is not properly...
CVE-2022-20949
CVE-2022-20949 describes a privilege-escalation flaw in the management web server of Cisco Firepower Threat Defense (FTD) Software. An authenticated, remote attacker with high privileges could issue configuration commands on the affected system due to improper access control of HTTPS endpoints, w...
Cisco Firepower Threat Defense Software Privilege Escalation Vulnerability
A vulnerability in the management web server of Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an affected system. This vulnerability exists because access to HTTPS endpoints is not properly...
Cisco Firepower Threat Defense 安全漏洞
Cisco Firepower Threat Defense FTD Software is a unified set of software from Cisco that provides next-generation firewall services.A resource management error vulnerability exists in Cisco Firepower Threat Defense FTD Software, which stems from its management web server Failure to properly...
PT-2022-5810 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the management web server of Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker with high...
Open Automation Software Platform Engine cleartext transmission of sensitive information vulnerability
Summary A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can...
Design/Logic Flaw
A vulnerability in the CLI of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to access hidden commands. The vulnerability is due to the presence of undocumented configuration commands. An attacker could exploit this vulnerability by performing specific...
CVE-2019-17134
Amphora Images in OpenStack Octavia =0.10.0 =3.0.0 =4.0.0 4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the Agent on port https/9443, because the...
F5 Networks BIG-IP : NTP vulnerabilities (K02360853)
CVE-2015-5194 The logconfigcommand function in ntpparser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service ntpd crash via crafted logconfig commands. CVE-2015-5195 ntpopenssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of servic...
PT-2017-4199 · Apache +2 · Apache Zookeeper +2
Name of the Vulnerable Software and Affected Versions: Apache ZooKeeper versions prior to 3.4.10 Apache ZooKeeper versions prior to 3.5.3 Description: The issue is related to the lack of authentication for a critical function in the implementation of the wchp/wchc command in Apache ZooKeeper, whi...
MGASA-2015-0348 Updated ntp packages fix security vulnerabilities
Updated ntp packages fix security vulnerability: A flaw was found in the way ntpd processed certain remote configuration packets. An attacker could use a specially crafted package to cause ntpd to crash if the attacker had authenticated access to remote ntpd configuration CVE-2015-5146. It was...
Cisco ASA Failover Command Injection Vulnerability
The Cisco Adaptive Security Appliance is an adaptive security appliance that provides modules for security and VPN services. A security vulnerability exists in the failover ipsec feature of Cisco ASA Software that stems from a failure to properly handle secure failover communication messages. An...
Cisco ASA VPN Failover Command Injection Vulnerability (cisco-sa-20141008-asa)
A vulnerability in the VPN code of Cisco ASA Software could allow an authenticated, remote attacker to submit configuration commands to the standby unit via the failover interface. As result, an attacker could be able to take full control of both the active and standby failover units. Copyright C...
HP-UX Security Patch : PHCO_26061
Kernel configuration commands patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26249; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...
HP-UX Security Patch : PHCO_26060
Kernel configuration commands patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26248; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...
HP-UX Security Patch : PHCO_25429
Kernel configuration commands patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26240; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate",...
CVE-2002-1041
Unknown vulnerability in DCE 1 SMIT panels and 2 configuration commands, possibly related to relative pathnames...
CVE-2002-1041
Unknown vulnerability in DCE 1 SMIT panels and 2 configuration commands, possibly related to relative pathnames...
CVE-2002-1041
Technical details for CVE-2002-1041 are not publicly provided in the supplied documents; no explicit affected products, versions, impact, or fixes are disclosed here. Monitor authoritative sources for updates.
CVE-2000-0588
SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands...