Lucene search
K

27 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-6855

Malicious code in bioql PyPI...

10CVSS8.9AI score0.14359EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-26171

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01018EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/08/26 12:0 a.m.6 views

The vulnerability of the API component of the Cisco ACI Multi-Site Orchestrator (MSO) allows a attacker to increase their privileges.

The vulnerability of the API component of the Cisco ACI Multi-Site Orchestrator MSO is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain increased privileges...

10CVSS7.6AI score0.01018EPSS
Exploits0References2
NVD
NVD
added 2022/08/25 7:15 p.m.12 views

CVE-2022-20921

A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator MSO could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sendi...

8.8CVSS0.01018EPSS
Exploits0References1
OSV
OSV
added 2022/08/25 7:15 p.m.2 views

CVE-2022-20921

A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator MSO could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sendi...

8.8CVSS5.8AI score0.01018EPSS
Exploits0References1
Prion
Prion
added 2022/08/25 7:15 p.m.15 views

Authorization

A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator MSO could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sendi...

6.5CVSS8.4AI score0.01018EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/08/25 6:40 p.m.686 views

CVE-2022-20921

CVE-2022-20921 describes a privilege-escalation flaw in the API implementation of Cisco ACI Multi-Site Orchestrator (MSO). The issue arises from improper API authorization, enabling an authenticated user with non-Administrator privileges to elevate to Administrator by sending crafted HTTP request...

8.8CVSS8.6AI score0.01018EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/08/25 6:40 p.m.3 views

CVE-2022-20921 Cisco ACI Multi-Site Orchestrator Privilege Escalation Vulnerability

A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator MSO could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sendi...

8.8CVSS5.6AI score0.01018EPSS
Exploits0References1
NCSC
NCSC
added 2022/08/25 12:0 a.m.4 views

Vulnerability fixed in Cisco ACI Multi-Site Orchestrator

Cisco has fixed a vulnerability in ACI Multi-Site Orchestrator. An authenticated malicious party can exploit the exploit the vulnerability to grant itself elevated privileges and execute commands under Administrator privileges. Cisco has released updates to fix the vulnerability in ACI Multi-Site...

8.8CVSS7.1AI score0.01018EPSS
Exploits0
CISA
CISA
added 2022/08/25 12:0 a.m.10 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates for vulnerabilities affecting ACI Multi-Site Orchestrator, FXOS, and NX-OS software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Securi...

2.5AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/08/24 4:0 p.m.4 views

CVE-2022-20921

A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator MSO could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sendi...

8.8CVSS7.3AI score0.01018EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/08/24 12:0 a.m.3 views

Cisco ACI Multi-Site Orchestrator 安全漏洞

Cisco ACI Multi-Site Orchestrator is a multi-site orchestrator from Cisco. It provides consistent network and policy orchestration, scalability, and disaster recovery across multiple data centers through a single management platform, while allowing data centers to go wherever the data is. A...

8.8CVSS5.6AI score0.01018EPSS
Exploits0References4
CNVD
CNVD
added 2021/08/26 12:0 a.m.13 views

Cisco Application Policy Infrastructure Controller Elevation of Privilege Vulnerability (CNVD-2021-68724)

Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco USA.Cisco Application Policy Infrastructure An elevation of privilege vulnerability exists in the API endpoint of the Controller, which can be exploited by an...

9CVSS4AI score0.01971EPSS
Exploits0References1
Prion
Prion
added 2021/08/25 8:15 p.m.17 views

Design/Logic Flaw

A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller APIC and Cisco Cloud Application Policy Infrastructure Controller Cloud APIC could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected device. This vulnerability is d...

9CVSS8.5AI score0.01971EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2021/08/25 7:10 p.m.20 views

CVE-2021-1578 Cisco Application Policy Infrastructure Controller Privilege Escalation Vulnerability

A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller APIC and Cisco Cloud Application Policy Infrastructure Controller Cloud APIC could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected device. This vulnerability is d...

8.8CVSS6.8AI score0.01971EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/06/28 12:0 a.m.24 views

Cisco ACI Multi-Site Orchestrator Application Services Engine Deployment Authentication Bypass (cisco-sa-mso-authbyp-bb5GmBQv)

According to its self-reported version, a vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator MSO installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to improper tok...

10CVSS8.8AI score0.14359EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/05/26 12:0 a.m.11 views

Cisco ACI Multi-Site Orchestrator (MSO) Detection

Binary data ciscoacimultisiteorchestratordetect.nbin...

7.3AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/03/02 12:0 a.m.5 views

The vulnerability of the API component of the Cisco ACI Multi-Site Orchestrator (MSO) allows a attacker to obtain a token with administrator privileges.

The vulnerability of the API component of the Cisco ACI Multi-Site Orchestrator MSO exists due to improper verification of tokens after they are released. Exploiting this vulnerability can allow an attacker who operates remotely to obtain tokens with administrator privileges...

10CVSS8AI score0.14359EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2021/02/26 8:11 a.m.6 views

Cisco Releases Security Patches for Critical Flaws Affecting its Products

Cisco has addressed a maximum severity vulnerability in its Application Centric Infrastructure ACI Multi-Site Orchestrator MSO that could allow an unauthenticated, remote attacker to bypass authentication on vulnerable devices. "An attacker could exploit this vulnerability by sending a crafted...

10CVSS7.6AI score0.14359EPSS
Exploits0
CNVD
CNVD
added 2021/02/26 12:0 a.m.7 views

Unspecified Vulnerability in Cisco ACI Multi-Site Orchestrator

Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco. A security vulnerability exists in Cisco ACI Multi-Site Orchestrator that allows an unauthenticated, remote attacker to bypass authentication on an affected device...

10CVSS7.2AI score0.14359EPSS
Exploits0
Rows per page
Query Builder