CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-24423

Malware in sbrugna...

7.2CVSS6.6AI score0.00018EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2021-6611

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00452EPSS

Exploits0References1

OSV•added 2021/08/04 6:15 p.m.•3 views

CVE-2021-1522

A vulnerability in the change password API of Cisco Connected Mobile Experiences CMX could allow an authenticated, remote attacker to alter their own password to a value that does not comply with the strong authentication requirements that are configured on an affected device. This vulnerability...

4.3CVSS5.8AI score0.00115EPSS

Exploits0References1

Cisco•added 2021/08/04 4:0 p.m.•45 views

Cisco Connected Mobile Experiences Strong Authentication Requirements Enforcement Bypass

4.3CVSS4.9AI score0.00115EPSS

Exploits0References1

CNVD•added 2021/01/14 12:0 a.m.•6 views

Cisco Connected Mobile Experiences User Enumeration Vulnerability

Cisco Connected Mobile Experiences CMX is an intelligent Wi-Fi solution that uses the Cisco wireless infrastructure to provide location services and location analytics to consumers' mobile devices. A user enumeration vulnerability exists in API authorization for Cisco Connected Mobile Experiences...

4.3CVSS6.9AI score0.00126EPSS

Exploits0References1

CNVD•added 2021/01/14 12:0 a.m.•2 views

Cisco Connected Mobile Experiences Access Control Error Vulnerability

Cisco Connected Mobile Experiences is a connected mobile experience from Cisco USA. An access control error vulnerability exists in Cisco Connected Mobile Experiences that could allow a remote, authenticated attacker with no administrative privileges to change the password of any user on an...

8.8CVSS6.8AI score0.00452EPSS

Exploits0References1

CISA•added 2021/01/14 12:0 a.m.•14 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories page. CISA encourages user...

7.7AI score

Exploits0References5

OSV•added 2021/01/13 10:15 p.m.•2 views

CVE-2021-1143

A vulnerability in Cisco Connected Mobile Experiences CMX API authorizations could allow an authenticated, remote attacker to enumerate what users exist on the system. The vulnerability is due to a lack of authorization checks for certain API GET requests. An attacker could exploit this...

4.3CVSS5.9AI score0.00126EPSS

Exploits0References1

Cvelist•added 2021/01/13 9:20 p.m.•9 views

CVE-2021-1143 Cisco Connected Mobile Experiences User Enumeration Vulnerability

4.3CVSS4.9AI score0.00126EPSS

Exploits0References1

CVE•added 2021/01/13 9:20 p.m.•49 views

CVE-2021-1143

Summary: CVE-2021-1143 affects Cisco Connected Mobile Experiences (CMX) where lack of authorization checks on certain CMX API GET requests allows an authenticated, remote attacker to enumerate CMX users. Affected product/area: CMX API authorizations within Cisco CMX (no specific version details i...

4.3CVSS4.6AI score0.00126EPSS

Exploits0References1Affected Software1

Cisco•added 2021/01/13 4:0 p.m.•113 views

Cisco Connected Mobile Experiences Privilege Escalation Vulnerability

A vulnerability in Cisco Connected Mobile Experiences CMX could allow a remote, authenticated attacker without administrative privileges to alter the password of any user on an affected system. The vulnerability is due to incorrect handling of authorization checks for changing a password. An...

8.8CVSS8.7AI score0.00452EPSS

Exploits0References1

Positive Technologies•added 2021/01/13 12:0 a.m.•2 views

PT-2021-1645 · Cisco · Cisco Connected Mobile Experiences

Name of the Vulnerable Software and Affected Versions: Cisco Connected Mobile Experiences CMX affected versions not specified Description: The issue is related to a lack of authorization checks for certain API GET requests, which could allow an authenticated, remote attacker to enumerate users on...

4.3CVSS4.3AI score0.00126EPSS

Exploits0References3

CNNVD•added 2021/01/13 12:0 a.m.•2 views

Cisco Connected Mobile Experiences 访问控制错误漏洞

8.8CVSS7.3AI score0.00452EPSS

Exploits0References4

OSV•added 2020/08/26 5:15 p.m.•1 views

CVE-2020-3152

A vulnerability in Cisco Connected Mobile Experiences CMX could allow an authenticated, local attacker with administrative credentials to execute arbitrary commands with root privileges. The vulnerability is due to improper user permissions that are configured by default on an affected system. An...

6.7CVSS6.9AI score0.00018EPSS

Exploits0References1

Cvelist•added 2020/08/26 4:16 p.m.•9 views

CVE-2020-3151 Cisco Connected Mobile Experiences Restricted Shell Escape Vulnerability

A vulnerability in the CLI of Cisco Connected Mobile Experiences CMX could allow an authenticated, local attacker with administrative credentials to bypass restrictions on the CLI. The vulnerability is due to insufficient security mechanisms in the restricted shell implementation. An attacker cou...

5.1CVSS6.6AI score0.00051EPSS

Exploits0References1

CVE•added 2020/08/26 4:16 p.m.•47 views

CVE-2020-3151

CVE-2020-3151 is a Cisco CMX restricted shell escape vulnerability. An authenticated, local attacker with administrative credentials can bypass CLI restrictions due to insufficient security in the restricted shell, enabling execution of normally unauthorized commands with non-root privileges. CNV...

6.7CVSS5.7AI score0.00051EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2020/08/26 4:16 p.m.•6 views

CVE-2020-3151 Cisco Connected Mobile Experiences Restricted Shell Escape Vulnerability

5.1CVSS7.1AI score0.00051EPSS

Exploits0References1

CVE•added 2020/08/26 4:16 p.m.•45 views

CVE-2020-3152

CVE-2020-3152 affects Cisco Connected Mobile Experiences (CMX). Affected component: CMX CLI with default misconfigured privileges. Root cause: improper user permissions configured by default, enabling an authenticated, local attacker with administrative credentials to execute arbitrary commands w...

7.2CVSS6.8AI score0.00018EPSS

Exploits0References1Affected Software1

CNVD•added 2020/08/20 12:0 a.m.•1 views

Cisco Connected Mobile Experiences Elevation of Privilege Vulnerability

Cisco Connected Mobile Experiences CMX is an intelligent Wi-Fi solution that uses the Cisco wireless infrastructure to provide location services and location analytics to consumers' mobile devices. An elevation of privilege vulnerability exists in Cisco Connected Mobile Experiences 10.6.0, 10.6.1...

7.2CVSS7.8AI score0.00018EPSS

Exploits0References1

CNVD•added 2020/08/20 12:0 a.m.•6 views

Cisco Connected Mobile Experiences Restricted Shell Escape Vulnerability

Cisco Connected Mobile Experiences CMX is an intelligent Wi-Fi solution that uses the Cisco wireless infrastructure to provide location services and location analytics to consumers' mobile devices. A restricted shell escape vulnerability exists in the CLI in Cisco Connected Mobile Experiences...

6.7CVSS7.1AI score0.00051EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by