4 matches found
Cisco BPA, WSA Bugs Allow Remote Cyberattacks
A set of high-severity privilege-escalation vulnerabilities affecting Business Process Automation BPA application and Cisco’s Web Security Appliance WSA and could allow authenticated, remote attackers to access sensitive data or take over a targeted system. The first two bugs CVE-2021-1574 and...
CVE-2021-1576 Cisco Business Process Automation Privilege Escalation Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation BPA could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific features and for access to...
CVE-2021-1576 Cisco Business Process Automation Privilege Escalation Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation BPA could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific features and for access to...
CVE-2021-1576
Cisco BPA web-based management interface (pre-3.1) contains privilege-escalation vulnerabilities due to improper authorization for specific features and log-file access. An attacker with valid credentials and an active session could elevate to Administrator by sending crafted HTTP requests or exf...