Lucene search
K

11 matches found

Vulnrichment
Vulnrichment
added 2024/03/27 4:43 p.m.12 views

CVE-2024-20333

A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to change specific data within the interface on an affected device. This vulnerability is due to insufficient authorization enforcement. An...

4.3CVSS6.8AI score0.00365EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/04/05 12:0 a.m.39 views

CVE-2023-20073 Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Arbitrary File Upload Vulnerability

A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement...

5.3CVSS9.6AI score0.88874EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/09/04 2:25 a.m.14 views

CVE-2020-3478 Cisco Enterprise NFV Infrastructure Software File Overwrite Vulnerability

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforcement on an affected system...

8.1CVSS6.9AI score0.01213EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/09/04 2:25 a.m.18 views

CVE-2020-3478 Cisco Enterprise NFV Infrastructure Software File Overwrite Vulnerability

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforcement on an affected system...

8.1CVSS8.1AI score0.01213EPSS
Exploits0References1
NVD
NVD
added 2020/08/17 6:15 p.m.15 views

CVE-2020-3413

A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to delete a scheduled meeting template that belongs to another user in their organization. The vulnerability is due to insufficient authorization enforcement for request...

4.3CVSS4.5AI score0.00721EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/08/14 12:0 a.m.35 views

Cisco Webex Meetings Scheduled Meeting Template Creation (cisco-sa-webex-smtcreate-YmuD5Sk)

According to its self-reported version, Cisco Webex Meetings is affected by a vulnerability in the scheduled meeting template feature due to insufficient authorization enforcement for the creation of scheduled meeting templates. An authenticated, remote attacker can exploit this, by sending a...

4.3CVSS5.3AI score0.00721EPSS
Exploits0References3
Prion
Prion
added 2020/06/03 6:15 p.m.21 views

Authorization

A vulnerability in the API subsystem of Cisco Unified Contact Center Express Unified CCX could allow an authenticated, remote attacker to change the availability state of any agent. The vulnerability is due to insufficient authorization enforcement on an affected system. An attacker could exploit...

5.5CVSS6.8AI score0.00806EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/08/21 6:15 p.m.54 views

CVE-2019-1863

Cisco IMC Privilege Escalation (CVE-2019-1863) affects the web-based management interface of Cisco Integrated Management Controller. The root cause is insufficient authorization enforcement, allowing an authenticated user with read-only privileges to change critical configurations with administra...

9CVSS6.9AI score0.01703EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/06/20 2:45 a.m.19 views

CVE-2019-1625 Cisco SD-WAN Solution Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by...

7.8CVSS7.6AI score0.00419EPSS
Exploits0References2
NVD
NVD
added 2019/03/08 7:29 p.m.20 views

CVE-2019-1603

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to escalate lower-level privileges to the administrator level. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by authenticating to the...

7.8CVSS7.7AI score0.0031EPSS
Exploits0References2
Prion
Prion
added 2018/06/07 9:29 p.m.17 views

Authorization

A vulnerability in the batch provisioning feature of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to escalate privileges to the Administrator level. The vulnerability is due to insufficient authorization enforcement on batch processing. An attacker could...

6.5CVSS8.6AI score0.02415EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder