2 matches found
ICSA-21-110-02_Rockwell Automation Stratix Switches
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/ Low attack complexity Vendor: Rockwell Automation Equipment: Stratix Switches Vulnerabilities: Insufficiently Protected Credentials, Insufficient Verification of Data Authenticity, Use of Out-of-Range Pointer Offset, Insertion of...
CVE-2021-1403
CVE-2021-1403 affects Cisco IOS XE Software web UI. The issue arises from insufficient HTTP protections in the web UI, enabling an unauthenticated, remote attacker to perform a cross-site WebSocket hijacking (CSWSH) attack. Exploitation requires a user to click a crafted link, and a successful ex...