27 matches found
EUVD-2021-6855
Malicious code in bioql PyPI...
EUVD-2022-26171
Malicious code in bioql PyPI...
The vulnerability of the API component of the Cisco ACI Multi-Site Orchestrator (MSO) allows a attacker to increase their privileges.
The vulnerability of the API component of the Cisco ACI Multi-Site Orchestrator MSO is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain increased privileges...
CVE-2022-20921
A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator MSO could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sendi...
CVE-2022-20921
A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator MSO could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sendi...
Authorization
A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator MSO could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sendi...
CVE-2022-20921
CVE-2022-20921 describes a privilege-escalation flaw in the API implementation of Cisco ACI Multi-Site Orchestrator (MSO). The issue arises from improper API authorization, enabling an authenticated user with non-Administrator privileges to elevate to Administrator by sending crafted HTTP request...
CVE-2022-20921 Cisco ACI Multi-Site Orchestrator Privilege Escalation Vulnerability
A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator MSO could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sendi...
Vulnerability fixed in Cisco ACI Multi-Site Orchestrator
Cisco has fixed a vulnerability in ACI Multi-Site Orchestrator. An authenticated malicious party can exploit the exploit the vulnerability to grant itself elevated privileges and execute commands under Administrator privileges. Cisco has released updates to fix the vulnerability in ACI Multi-Site...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates for vulnerabilities affecting ACI Multi-Site Orchestrator, FXOS, and NX-OS software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Securi...
CVE-2022-20921
A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator MSO could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sendi...
Cisco ACI Multi-Site Orchestrator 安全漏洞
Cisco ACI Multi-Site Orchestrator is a multi-site orchestrator from Cisco. It provides consistent network and policy orchestration, scalability, and disaster recovery across multiple data centers through a single management platform, while allowing data centers to go wherever the data is. A...
Cisco Application Policy Infrastructure Controller Elevation of Privilege Vulnerability (CNVD-2021-68724)
Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco USA.Cisco Application Policy Infrastructure An elevation of privilege vulnerability exists in the API endpoint of the Controller, which can be exploited by an...
Design/Logic Flaw
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller APIC and Cisco Cloud Application Policy Infrastructure Controller Cloud APIC could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected device. This vulnerability is d...
CVE-2021-1578 Cisco Application Policy Infrastructure Controller Privilege Escalation Vulnerability
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller APIC and Cisco Cloud Application Policy Infrastructure Controller Cloud APIC could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected device. This vulnerability is d...
Cisco ACI Multi-Site Orchestrator Application Services Engine Deployment Authentication Bypass (cisco-sa-mso-authbyp-bb5GmBQv)
According to its self-reported version, a vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator MSO installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to improper tok...
Cisco ACI Multi-Site Orchestrator (MSO) Detection
Binary data ciscoacimultisiteorchestratordetect.nbin...
The vulnerability of the API component of the Cisco ACI Multi-Site Orchestrator (MSO) allows a attacker to obtain a token with administrator privileges.
The vulnerability of the API component of the Cisco ACI Multi-Site Orchestrator MSO exists due to improper verification of tokens after they are released. Exploiting this vulnerability can allow an attacker who operates remotely to obtain tokens with administrator privileges...
Cisco Releases Security Patches for Critical Flaws Affecting its Products
Cisco has addressed a maximum severity vulnerability in its Application Centric Infrastructure ACI Multi-Site Orchestrator MSO that could allow an unauthenticated, remote attacker to bypass authentication on vulnerable devices. "An attacker could exploit this vulnerability by sending a crafted...
Unspecified Vulnerability in Cisco ACI Multi-Site Orchestrator
Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco. A security vulnerability exists in Cisco ACI Multi-Site Orchestrator that allows an unauthenticated, remote attacker to bypass authentication on an affected device...