19 matches found
EUVD-2024-18156
Malicious code in bioql PyPI...
EUVD-2024-18192
Malicious code in bioql PyPI...
EUVD-2024-18153
Malicious code in bioql PyPI...
CVE-2024-20441
A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to learn sensitive information on an affected device. This vulnerability is due to insufficient authorization controls on the affected REST API endpoint. An attacker could...
CVE-2024-20438
A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. This vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit this...
CVE-2024-20477
A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. This vulnerability exists because of missing authorization controls on the affected REST API endpoint. An attacker could...
CVE-2024-20477
A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. This vulnerability exists because of missing authorization controls on the affected REST API endpoint. An attacker could...
CVE-2024-20477
A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. This vulnerability exists because of missing authorization controls on the affected REST API endpoint. An attacker could...
CVE-2024-20438
A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. This vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit this...
CVE-2024-20441
A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to learn sensitive information on an affected device. This vulnerability is due to insufficient authorization controls on the affected REST API endpoint. An attacker could...
CVE-2024-20438
A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. This vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit this...
CVE-2024-20477 Cisco Nexus Dashboard Fabric Controller Unauthorized REST API Endpoint Vulnerability
A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. This vulnerability exists because of missing authorization controls on the affected REST API endpoint. An attacker could...
CVE-2024-20477
Cisco CVE-2024-20477 concerns an unauthorized REST API endpoint in Cisco Nexus Dashboard Fabric Controller (NDFC). An authenticated, low-privilege, remote attacker could bypass authorization on this endpoint and upload files into a specific container or delete files from a folder within that cont...
CVE-2024-20477 Cisco Nexus Dashboard Fabric Controller Unauthorized REST API Endpoint Vulnerability
A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. This vulnerability exists because of missing authorization controls on the affected REST API endpoint. An attacker could...
CVE-2024-20448
The CVE-2024-20448 involves Cisco Nexus Dashboard Fabric Controller (NDFC) (formerly DCNM). It stems from improper storage of sensitive data in config-only and full backup files, enabling an attacker with access to a backup generated by an affected device to view sensitive information, including ...
CVE-2024-20441
CVE-2024-20441 affects Cisco Nexus Dashboard Fabric Controller (NDFC) REST API endpoint. The issue arises from insufficient authorization controls on the endpoint, enabling an authenticated, low-privilege, remote attacker to access sensitive configuration data. A successful exploit could allow do...
CVE-2024-20438
Cisco Nexus Dashboard Fabric Controller (NDFC) REST API vulnerability allows an authenticated, low-privileged, remote attacker to read or write files on an affected device due to missing authorization controls on certain REST endpoints. The issue affects the NDFC/Nexus Dashboard REST APIs (subset...
Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability
A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to perform a command injection attack against an affected device. This vulnerability is due to improper user authorization and insufficient...
PT-2024-8625 · Cisco · Cisco Ndfc
Name of the Vulnerable Software and Affected Versions: Cisco NDFC affected versions not specified Description: A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to learn sensitive information on an affected device. This iss...