7 matches found
EUVD-2023-24363
Malicious code in bioql PyPI...
CVE-2023-20184
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these...
CVE-2023-20184 Cisco DNA Center Software API Vulnerabilities
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these...
CVE-2023-20183
CVE-2023-20183 affects Cisco DNA Center Software API. The vulnerability stems from improper API authorization, enabling an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as root. A...
CVE-2021-1257
A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to manipulate an authenticated user into executing malicious actions without their awareness or consent. The...
CVE-2021-1257
CVE-2021-1257 affects Cisco DNA Center (web-based management interface) with CSRF in versions prior to 2.1.2.0. An unauthenticated, remote attacker can lure a logged-in user to a crafted link, causing actions on the device with the user’s privileges, including modifying configuration, disconnecti...
Authentication flaw
A vulnerability in the API gateway of the Cisco Digital Network Architecture DNA Center could allow an unauthenticated, remote attacker to bypass authentication and access critical services. The vulnerability is due to a failure to normalize URLs prior to servicing requests. An attacker could...