21 matches found
EUVD-2017-3801
Malware in sbrugna...
EUVD-2018-7255
Malware in sbrugna...
EUVD-2018-1286
Malware in sbrugna...
CVE-2023-20059
A vulnerability in the implementation of the Cisco Network Plug-and-Play PnP agent of Cisco DNA Center could allow an authenticated, remote attacker to view sensitive information in clear text. The attacker must have valid low-privileged user credentials. This vulnerability is due to improper...
Cisco IOS Software Software Plug and Play Agent Memory Leak(cisco-sa-20180926-pnp-memleak)
According to its self-reported version, Cisco IOS is affected by a memory leak vulnerability in the Cisco Network Plug and Play agent due to insufficient input validation. An unauthenticated, remote attacker can exploit this, by sending invalid data to the Cisco Network Plug and Play agent on an...
Cisco IOS Software Network Plug-and-Play Agent Certificate Validation Vulnerability
According to its self-reported version, the installed Cisco IOS software is affected by a vulnerability in the Cisco Network Plug-and-Play PnP agent. This vulnerability allows an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the...
Cisco IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability
According to its self-reported version, the installed Cisco IOS XE software is affected by a vulnerability in the Cisco Network Plug-and-Play PnP agent. This vulnerability allows an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because th...
Information disclosure
A vulnerability in the Cisco Network Plug-and-Play PnP agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the affected software insufficiently validates certificates...
CVE-2019-1748
A vulnerability in the Cisco Network Plug-and-Play PnP agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the affected software insufficiently validates certificates...
Cisco IOS and IOS XE Software Network Plug-and-Play Agent Certificate Validation Vulnerability
A vulnerability in the Cisco Network Plug-and-Play PnP agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the affected software insufficiently validates certificates...
CVE-2018-15377
A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to insufficient...
Input validation
A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to insufficient...
CVE-2018-0463
CVE-2018-0463 describes a vulnerability in the Cisco Network Plug and Play server component of Cisco NSO. The issue stems from incomplete validation when NSO is configured to use Secure Unique Device Identifier (SUDI) authentication, allowing an unauthenticated, remote attacker to gain unauthoriz...
CVE-2018-15377
Cisco IOS and IOS XE Software Plug and Play (Open Plug-n-Play) agent has a memory-leak vulnerability caused by insufficient input validation. An unauthenticated, remote attacker can send invalid data to the Plug and Play agent, potentially causing a memory leak and device reload. Affected: Cisco ...
Cisco Network Services Orchestrator Network Plug and Play server component privilege access control vulnerability
Cisco Network Services Orchestrator NSO is the United States Cisco Cisco company's set of network automation service solutions. network Plug and Play server is one of the network plug and play server components. A privilege access control vulnerability exists in the Network Plug and Play server...
Cisco Network Services Orchestrator Network Plug and Play Information Disclosure Vulnerability
A vulnerability in the Cisco Network Plug and Play server component of Cisco Network Services Orchestrator NSO could allow an unauthenticated, remote attacker to gain unauthorized access to configuration data that is stored on an affected NSO system. The vulnerability exists because the Network...
CVE-2017-12228
A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient...
Design/Logic Flaw
A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient...
CVE-2017-12228
A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient...
Cisco IOS and IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability
A vulnerability in the Cisco Network Plug and Play application of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate...