OpenText Content Server 20.3 - multiple Stored Cross-Site Scripting Vulnerabilities

Exploit Title: OpenText Content Server 20.3 - 'multiple' Stored Cross-Site Scripting Exploit Author: Kamil Breński Vendor Homepage: https://www.opentext.com/ Software Link: https://www.opentext.com/products-and-solutions/products/enterprise-content-management/content-management Version: 20.3...

OpenText Content Server 20.3 - 'multiple' Stored Cross-Site Scripting

Exploit Title: OpenText Content Server 20.3 - 'multiple' Stored Cross-Site Scripting Date: 19/02/2021 Exploit Author: Kamil Breński Vendor Homepage: https://www.opentext.com/ Software Link: https://www.opentext.com/products-and-solutions/products/enterprise-content-management/content-management...

The vulnerability of the SSH web interface of the vManage program-defined network in Cisco SD-WAN allows a intruder to gain unauthorized access to protected information.

The vulnerability of the SSH web interface of the vManage program-defined network in Cisco SD-WAN exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the vAnalytics function in the programmatically defined Cisco SD-WAN network allows a attacker to compromise data integrity.

The vulnerability of the vAnalytics function in the programmatically defined Cisco SD-WAN network is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to compromise data integrity from a remote location...

The vulnerability of the command-line interface (CLI) of the programmatically defined Cisco SD-WAN network allows a attacker to compromise the confidentiality and integrity of the protected information.

The vulnerability of the command-line interface CLI of Cisco SD-WAN software-defined networks is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to compromise the confidentiality and integrity of the protected information...

The vulnerability of the command-line interface (CLI) of the programmatically defined Cisco SD-WAN network allows a attacker to gain unauthorized access to protected information.

The vulnerability of the command-line interface CLI of Cisco SD-WAN software-defined networks is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a attacker to execute arbitrary SQL queries.

The vulnerability in the vManage web interface of the Cisco SD-WAN programmatically defined network is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the vManage web interface of the Cisco SD-WAN program-defined network is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

Cisco SD-WAN Denial of Service Vulnerability

The Cisco SD-WAN vEdge is a router from Cisco, Inc. that provides basic WAN and security and multi-cloud capabilities for Cisco SD-WAN solutions. This device provides basic WAN, security, and multi-cloud capabilities for Cisco SD-WAN solutions.Cisco SD-WAN vManage is software from Cisco that...

Cisco SD-WAN CLI Command Injection Vulnerability (CNVD-2021-05460)

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. A command injection vulnerability exists in the CLI of Cisco SD-WAN Software. The vulnerability stems from the program not properly validati...

CVE-2021-1235

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read sensitive database files on an affected system. The vulnerability is due to insufficient user authorization. An attacker could exploit this vulnerability by accessing the vshell of an...

CVE-2021-1300

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory...

CVE-2021-1260

Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these vulnerabilities, see...

Cisco SD-WAN Input Validation Error Vulnerability

Cisco SD-WAN is a highly secure cloud-scale architecture that is open, programmable, and scalable from Cisco USA. Cisco SD-WAN suffers from an input validation error vulnerability that allows an unauthenticated, remote attacker to execute an attack on an affected device...

Cisco SD-WAN Buffer Error Vulnerability

Cisco SD-WAN vManage Software is a management software for SD-WAN Software Defined Wide Area Networking solutions from Cisco USA. A security vulnerability exists in Cisco SD-WAN products that allows an unauthenticated, remote attacker to perform a denial-of-service DoS attack on an affected devic...

多款Cisco产品命令注入漏洞

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. A command injection vulnerability exists in the CLI utility tcpdump in Cisco SD-WAN Software. The vulnerability stems from the program not...

Cisco SD-WAN vManage Software SQL注入漏洞

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco, of which vManage is the console. A SQL injection vulnerability exists in the Web management interface of Cisco SD-WAN vManage versions prior to 19.2.3. The vulnerability stems from the Web management interface not properl...

PT-2021-1897 · Cisco · Cisco Sd-Wan

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN products affected versions not specified Description: The issue is related to multiple vulnerabilities in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against an affected device. O...

PT-2021-1864 · Cisco · Cisco Sd-Wan

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN products affected versions not specified Description: The issue is related to errors in processing IP traffic in Cisco SD-WAN products. An unauthenticated, remote attacker could exploit this to execute arbitrary code with root...

Cisco SD-WAN products 缓冲区错误漏洞

The Cisco SD-WAN vEdge is a router from Cisco, Inc. that provides basic WAN and security and multi-cloud capabilities for Cisco SD-WAN solutions. This device provides basic WAN, security, and multi-cloud capabilities for Cisco SD-WAN solutions.Cisco SD-WAN vManage is software from Cisco that...