11 matches found
EUVD-2017-3919
Malware in sbrugna...
Security Bulletin: IBM Cisco SAN switches and directors are vulnerable to OpenSSL denial of service (CVE-2016-2180).
Summary IBM Cisco SAN switches and directors OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TSOBJprintbio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. Vulnerability...
CVE-2020-3522
A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to bypass authorization on an affected device and access sensitive information that is related to the device. The vulnerability exists because the...
CVE-2020-3519
A vulnerability in a specific REST API method of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attack...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability exists because the web-based management interface...
Path traversal
A vulnerability in a specific REST API method of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attack...
CVE-2020-3518
Cisco Data Center Network Manager (DCNM) XSS (CVE-2020-3518) arises from improper validation in the web-based management interface. An authenticated, remote attacker could lure a user into clicking a crafted link, enabling arbitrary script execution in the affected interface or access to browser-...
CVE-2020-3519
Cisco Data Center Network Manager (DCNM) is affected by a REST API path-traversal vulnerability due to insufficient input validation. An authenticated, remote attacker could craft requests to the API and overwrite arbitrary files on affected devices. Public documentation references guidance that ...
CVE-2017-12345
Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...
Cross site scripting
Multiple vulnerabilities in Cisco Data Center Network Manager DCNM Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting...
CVE-2017-12346
CVE-2017-12346 affects Cisco Data Center Network Manager (DCNM). Connected documents confirm multiple vulnerabilities in DCNM Software that could let a remote attacker inject arbitrary values into DCNM configuration parameters, redirect users to malicious websites, inject content into a DCNM clie...