4 matches found
Cisco Application Services Engine Unauthorized Access Vulnerabilities (cisco-sa-case-mvuln-dYrDPC6w)
According to its self-reported version, Cisco Application Services Engine affected by multiple Unauthorized Access Vulnerabilities. - A vulnerability in Cisco Application Services Engine could allow an unauthenticated, remote attacker to access a privileged service on an affected device. The...
Cisco Releases Security Patches for Critical Flaws Affecting its Products
Cisco has addressed a maximum severity vulnerability in its Application Centric Infrastructure ACI Multi-Site Orchestrator MSO that could allow an unauthenticated, remote attacker to bypass authentication on vulnerable devices. "An attacker could exploit this vulnerability by sending a crafted...
Multiple Unauthenticated Remote Code Control and Execution Vulnerabilities in Multiple Cisco Products
What’s up? On Feb. 24, 2021, Cisco released many patches for multiple products, three of which require immediate attention by organizations if they are running affected systems and operating system/software configurations. They are detailed below: Cisco ACI Multi-Site Orchestrator Application...
CVE-2021-1393
Cisco Application Services Engine (ASE) is affected by CVE-2021-1393 and CVE-2021-1396 due to insufficient access controls in a Data Network service/API, enabling unauthenticated, remote attackers to gain privileged host-level access, learn device-specific information, create diagnostic files, an...