5 matches found
CVE-2022-0551
Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or import manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks Guardian...
CVE-2022-0551
Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or import manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks Guardian...
CVE-2022-0551 Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0
Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or import manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks Guardian...
Threat Outbreak Alert RuleID31696: Email Messages Distributing Malicious Software on January 3, 2018
Medium Alert ID: 56351 First Published: 2018 January 3 16:32 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID31696 may contain the following files: Name |...
dashbuilder: XXE/SSRF vulnerability
A flaw was found in the dashbuilder import facility: the DocumentBuilders instantiated in org.jboss.dashboard.export.ImportManagerImpl did not disable external entities. This could allow an attacker to perform a variety of XML External Entity XXE and Server-Side Request Forgery SSRF attacks...