262 matches found
EUVD-2020-24809
Malware in sbrugna...
EUVD-2017-3919
Malware in sbrugna...
EUVD-2020-24789
Malware in sbrugna...
EUVD-2020-24790
Malware in sbrugna...
CVE-2013-5487
DCNM-SAN Server in Cisco Prime Data Center Network Manager DCNM before 6.21 allows remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCue77029...
CVE-2020-3539
A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to a failure to limit access to resources that are intended for use...
CVE-2020-3539 Cisco Data Center Network Manager Authorization Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to a failure to limit access to resources that are intended for use...
CVE-2020-3539 Cisco Data Center Network Manager Authorization Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to a failure to limit access to resources that are intended for use...
Malicious code in dcnm-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 60cebc6f07c7ce4ba095946f2ee01997897e8acdaaa926a98ee8c6a66aff97f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8945 Malicious code in dcnm-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 60cebc6f07c7ce4ba095946f2ee01997897e8acdaaa926a98ee8c6a66aff97f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Cisco DCNM Auth Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'securerandom' require 'base64' class MetasploitModule 'Cisco DCNM auth bypass', 'Description' = %q This exploit is able to add an admin account to a Cisco DCNM...
Security Bulletin: Open Source OpenSSL, GNUTls, RHEL CVE-2016-8610 'SSL-Death-Alert' affects IBM Cisco switches and directors.
Summary Open Source OpenSSL is used by IBM Cisco switches and directors. IBM Cisco switches and directors has addressed the CVE. Vulnerability Details Relevant CVE Information: CVEID: CVE-2016-8610 DESCRIPTION: SSL/TLS protocol is vulnerable to a denial of service, caused by an error when...
Security Bulletin: IBM Cisco SAN switches and directors are vulnerable to OpenSSL denial of service (CVE-2016-2180).
Summary IBM Cisco SAN switches and directors OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TSOBJprintbio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. Vulnerability...
Security Bulletin: Vulnerabilities in Open Source OpenSSL affect IBM Cisco SAN switches and directors (CVE-2016-2177 CVE-2000-1254 CVE-2016-2178).
Summary Open Source OpenSSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details Relevant CVE Information: CVEID: CVE-2000-1254 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive...
Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager DCNM allows remote attackers to read arbitrary files...
Security Bulletin: Apache Log4j vulnerability in DCNM Network Management Software used by IBM c-type SAN directors and switches.
Summary Apache Log4j Java logging library vulnerability - CVE-2021-44228 affecting versions prior to v2.15 impacts DCNM Network Management Software. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused ...
Security Bulletin: Apache Log4j vulnerability in DCNM Network Management Software used by IBM c-type SAN directors and switches.
Summary Apache Log4j Java logging library vulnerability - CVE-2021-45046 affecting versions prior to v2.16 impacts DCNM Network Management Software. Vulnerability Details CVEID: CVE-2021-45046 DESCRIPTION: Apache Log4j could result in remote code execution, caused by an incomplete fix of...
Cisco Data Center Network Manager Authorization Bypass Vulnerabilities (cisco-sa-dcnm-authbypass-OHBPbxu)
The version of Cisco Data Center Network Manager installed on the remote host is prior to 11.51. It is, therefore, affected by multiple vulnerabilities in the web-based management interface. A remote, authenticated attacker can exploit these to view, modify, and delete data without proper...
Metasploit Wrap-Up
Cisco ‘Sploits This week’s Metasploit Framework release brings two modules that target Cisco products.The first module, written by our very own jheysel-r7, targets an unauthenticated file upload vulnerability in Cisco HyperFlex HX Data Platform. Vulnerable versions of the Cisco HyperFlex software...
Cisco DCNM auth bypass
This exploit is able to add an admin account to a Cisco DCNM with credentials you can choose. After that, you can login to the web interface with those credentials. The only necessary condition is the more or less recent connection of an admin as this exploit uses a kind of session stealing. Modu...