CVE-2021-1232 Cisco SD-WAN vManage Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of an affected system. This vulnerability is due to insufficient access control for sensitive information that ...

The vulnerability of the PostgreSQL software component used in Brocade SANnav network management systems allows a hacker to gain unauthorized access to protected information.

The vulnerability of the PostgreSQL software component used in Brocade SANnav network management systems is related to insufficient protection for registration data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

Siemens SINEC NMS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Advantech WebAccess/NMS SQL Injection Vulnerability

Advantech WebAccess/NMS is a web browser based software suite for Network Management Systems NMS. A SQL injection vulnerability exists in Advantech WebAccess/NMS versions prior to 3.0.2. An attacker could exploit this vulnerability to gain access to sensitive information...

Advantech WebAccess stack buffer overflow vulnerability (CNVD-2018-10713)

Advantech WebAccess, etc. are products of Advantech, Advantech WebAccess is a set of HMI/SCADA software based on the browser architecture, which supports dynamic graphic display and real-time data control, and provides remote control and management of automation devices. The software supports...

Advantech WebAccess Information Disclosure Vulnerability (CNVD-2018-09823)

Advantech WebAccess, etc. are products of Advantech, Advantech WebAccess is a set of HMI/SCADA software based on the browser architecture, which supports dynamic graphic display and real-time data control, and provides remote control and management of automation devices. The software supports...

Advantech WebAccess Path Traversal Vulnerability (CNVD-2018-10709)

Advantech WebAccess is an Advantech product. Advantech WebAccess is a browser-based HMI/SCADA software that supports dynamic graphical display and real-time data control, and provides remote control and management of automation devices. The software supports dynamic graphical display and real-tim...

Advantech WebAccess SQL Injection Vulnerability

Advantech WebAccess, etc. are products of Advantech, Advantech WebAccess is a set of HMI/SCADA software based on the browser architecture, which supports dynamic graphic display and real-time data control, and provides remote control and management of automation devices. The software supports...

Critical Flaws Found in Network Management Systems

Eleven critical vulnerabilities have been patched in network management systems NMS from four leading manufacturers: Cloudview, Netikus, Paessler and Opmantek. The flaws enable remote cross-site scripting and command-injection attacks. Public disclosure of the vulnerabilities coincided with a...

Critical Flaws Found in Network Management Systems

Update Four leading network management system providers are busying patching and preparing fixes for a half-dozen critical cross-site scripting and SQL injection vulnerabilities disclosed Wednesday by Rapid7. Two Three of the affected vendors, Spiceworks, Ipswitch and Opsview, have already patche...