238 matches found

NVD
added 2020/04/16 7:15 p.m. · 10 views

CVE-2020-7113

A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPass' service accounts. Resolution: Fixed in 6.7.10, 6.8.1, 6.9.0 and higher...

4.9 CVSS · 6.1 AI score · 0.00367 EPSS
Exploits 0 · References 1

Prion
added 2020/04/16 7:15 p.m. · 20 views

Design/Logic Flaw

A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPass' service accounts. Resolution: Fixed in 6.7.10, 6.8.1, 6.9.0 and higher...

4 CVSS · 5.1 AI score · 0.00367 EPSS
Exploits 0 · References 1 · Affected Software 1

Prion
added 2020/04/16 7:15 p.m. · 15 views

Design/Logic Flaw

A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. As a result of this attack, a possible complete cluster compromise might occur. Resolution: Fixed in...

7.5 CVSS · 9.2 AI score · 0.0042 EPSS
Exploits 0 · References 1 · Affected Software 1

CVE
added 2020/04/16 4:14 p.m. · 65 views

CVE-2020-7114

Aruba Networks ClearPass Policy Manager is affected by CVE-2020-7114. The vulnerability allows an attacker on the same network segment as the management interface to craft HTTP packets and modify databases within ClearPass, potentially leading to a complete cluster compromise. The issue is fixed ...

9.8 CVSS · 9.2 AI score · 0.0042 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2020/04/16 4:14 p.m. · 13 views

CVE-2020-7114

A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. As a result of this attack, a possible complete cluster compromise might occur. Resolution: Fixed in...

9.4 AI score · 0.0042 EPSS
Exploits 0 · References 1

NVD
added 2020/01/15 9:15 a.m. · 13 views

CVE-2020-1611

A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets. This issue affects: Juniper Networks Junos Space versions prior to 19.4R1...

6.5 CVSS · 6.3 AI score · 0.05176 EPSS
Exploits 0 · References 2

OSV
added 2020/01/15 9:15 a.m. · 1 views

CVE-2020-1611

A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets. This issue affects: Juniper Networks Junos Space versions prior to 19.4R1...

6.5 CVSS · 6.7 AI score · 0.05176 EPSS
Exploits 0 · References 2

Cvelist
added 2020/01/15 8:40 a.m. · 16 views

CVE-2020-1611 Junos Space: Malicious HTTP packets sent to Junos Space allow an attacker to view all files on the device.

A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets. This issue affects: Juniper Networks Junos Space versions prior to 19.4R1...

6.5 CVSS · 6.3 AI score · 0.05176 EPSS
Exploits 0 · References 2

ATTACKERKB
added 2020/01/15 12:0 a.m. · 36 views

Junos Space: Malicious HTTP packets sent to Junos Space allow an attacker to view all files on the device.

A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets. This issue affects: Juniper Networks Junos Space versions prior to 19.4R1. Recent assessments: busterb at January 30, 2020 8:09a...

6.5 CVSS · 0.3 AI score · 0.05176 EPSS
Exploits 0 · References 3

Prion
added 2019/08/08 8:15 a.m. · 10 views

Design/Logic Flaw

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors...

5 CVSS · 7.5 AI score · 0.00074 EPSS
Exploits 0 · References 1 · Affected Software 2

Vulnrichment
added 2019/08/08 7:35 a.m. · 7 views

CVE-2019-1970 Cisco Firepower Threat Defense Software File Policy Bypass Vulnerability

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors...

5.8 CVSS · 7.2 AI score · 0.00074 EPSS
Exploits 0 · References 1

Tenable Nessus
added 2019/05/08 12:0 a.m. · 18 views

Siemens SIMATIC S7-1200 PLCs < 4.0 HTTP Packets DOS

Binary data 720197.prm...

7.8 CVSS · 6.4 AI score · 0.00474 EPSS
Exploits 1 · References 2

NVD
added 2018/10/05 2:29 p.m. · 17 views

CVE-2018-15423

A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. A...

4.7 CVSS · 4.8 AI score · 0.00105 EPSS
Exploits 0 · References 1

NVD
added 2018/10/05 2:29 p.m. · 20 views

CVE-2018-0470

A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly parsing malformed...

8.6 CVSS · 8.8 AI score · 0.01406 EPSS
Exploits 0 · References 4

Prion
added 2018/10/05 2:29 p.m. · 17 views

Buffer overflow

A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly parsing malformed...

7.8 CVSS · 8.7 AI score · 0.01406 EPSS
Exploits 0 · References 4 · Affected Software 1

Vulnrichment
added 2018/10/05 2:0 p.m. · 14 views

CVE-2018-0470 Cisco IOS XE Software HTTP Denial of Service Vulnerability

A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly parsing malformed...

7.6 AI score · 0.01406 EPSS
Exploits 0 · References 4

Positive Technologies
added 2018/05/14 12:0 a.m. · 3 views

PT-2018-5367 · Moxa · Moxa Edr-810

Name of the Vulnerable Software and Affected Versions: Moxa EDR-810 version 4.1 build 17030317 Description: A cross-site request forgery issue exists in the web server functionality, allowing an attacker to create malicious HTML that can trigger this issue when a specially crafted HTTP packet is...

8.8 CVSS · 8.6 AI score · 0.00871 EPSS
Exploits 2 · References 2

Prion
added 2017/01/27 8:59 p.m. · 12 views

Code injection

Huawei Oceanstor 5800 before V300R002C10SPC100 allows remote attackers to cause a denial of service (CPU consumption) via a large number of crafted HTTP packets...

7.8 CVSS · 7.1 AI score · 0.00373 EPSS
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2017/01/27 8:0 p.m. · 18 views

CVE-2016-5822

Huawei Oceanstor 5800 before V300R002C10SPC100 allows remote attackers to cause a denial of service (CPU consumption) via a large number of crafted HTTP packets...

7.4 AI score · 0.00373 EPSS
Exploits 0 · References 2

NVD
added 2016/10/27 9:59 p.m. · 24 views

CVE-2016-6439

A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper...

7.5 CVSS · 7.6 AI score · 0.00145 EPSS
Exploits 0 · References 3