CVE-2025-20214

A vulnerability in the Network Configuration Access Control Module NACM of Cisco IOS XE Software could allow an authenticated, remote attacker to obtain unauthorized read access to configuration or operational data. This vulnerability exists because a subtle change in inner API call behavior caus...

Design/Logic Flaw

An issue was discovered in ADTRAN PMAA 1.6.2-1, 1.6.3, and 1.6.4. NETCONF Access Management NACM allows unprivileged users to create privileged users and execute arbitrary commands via the use of the diagnostic-profile over RESTCONF...

CVE-2018-19648

An issue was discovered in ADTRAN PMAA 1.6.2-1, 1.6.3, and 1.6.4. NETCONF Access Management NACM allows unprivileged users to create privileged users and execute arbitrary commands via the use of the diagnostic-profile over RESTCONF...

CVE-2018-19648

The CVE-2018-19648 entry concerns ADTRAN PMAA versions 1.6.2-1, 1.6.3, and 1.6.4. The root cause is a flaw in NETCONF Access Management (NACM) that lets unprivileged users create privileged accounts and run arbitrary commands through the diagnostic-profile over RESTCONF. Impact, per the sources, ...

CVE-2018-19648

An issue was discovered in ADTRAN PMAA 1.6.2-1, 1.6.3, and 1.6.4. NETCONF Access Management NACM allows unprivileged users to create privileged users and execute arbitrary commands via the use of the diagnostic-profile over RESTCONF...