Lucene search
K

17 matches found

NVD
NVD
added 2026/04/28 2:16 p.m.6 views

CVE-2026-5944

An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication. An unauthenticated...

8.8CVSS0.00533EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/28 1:6 p.m.1 views

CVE-2026-5944 Cisco Intersight Device Connector for Nutanix Prism Central Unauthenticated API Access

An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication. An unauthenticated...

8.8CVSS5.3AI score0.00533EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/28 1:6 p.m.7 views

CVE-2026-5944

An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication. An unauthenticated...

8.8CVSS5.3AI score0.00533EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/04/28 1:6 p.m.36 views

CVE-2026-5944

Cisco Intersight Device Connector for Nutanix Prism Central exposes an unauthenticated API passthrough on TCP 7373. An unauthenticated network attacker can query the endpoint to enumerate cluster metadata (VM information and cluster configuration). The API is primarily read-only, but some cluster...

8.8CVSS5.4AI score0.00533EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/04/28 1:6 p.m.31 views

CVE-2026-5944 Cisco Intersight Device Connector for Nutanix Prism Central Unauthenticated API Access

An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication. An unauthenticated...

8.8CVSS0.00533EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.8 views

Nutanix Prism Central 访问控制错误漏洞

Nutanix Prism Central is a centralized management console provided by the American company Nutanix. Nutanix Prism Central has an access control vulnerability, which stems from improper access controls. This vulnerability allows unauthenticated attackers to access the system via the network, send...

8.8CVSS5.9AI score0.00533EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-54981

Malicious code in bioql PyPI...

9.3CVSS6.6AI score0.00311EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/22 1:38 a.m.9 views

CVE-2024-12223

Prism Central versions prior to 2024.3.1 are vulnerable to a stored cross-site scripting attack via the Events component, allowing an attacker to hijack a victim user’s session and perform actions in their security context...

9.3CVSS6.3AI score0.00311EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 1:15 a.m.4 views

CVE-2024-12223

Prism Central versions prior to 2024.3.1 are vulnerable to a stored cross-site scripting attack via the Events component, allowing an attacker to hijack a victim user’s session and perform actions in their security context...

9.3CVSS0.00311EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 12:44 a.m.9 views

CVE-2024-12223 Stored Cross-site Scripting (XSS) in Nutanix Prism Central

Prism Central versions prior to 2024.3.1 are vulnerable to a stored cross-site scripting attack via the Events component, allowing an attacker to hijack a victim user’s session and perform actions in their security context...

9.3CVSS0.00311EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 12:44 a.m.34 views

CVE-2024-12223

CVE-2024-12223 corresponds to a stored cross-site scripting (XSS) vulnerability in Nutanix Prism Central. The issue affects Prism Central versions prior to 2024.3.1 and stems from the Events component, allowing an attacker to hijack a victim user’s session and execute actions in their security co...

9.3CVSS6.3AI score0.00311EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 12:44 a.m.5 views

CVE-2024-12223 Stored Cross-site Scripting (XSS) in Nutanix Prism Central

Prism Central versions prior to 2024.3.1 are vulnerable to a stored cross-site scripting attack via the Events component, allowing an attacker to hijack a victim user’s session and perform actions in their security context...

9.3CVSS6.3AI score0.00311EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.3 views

Nutanix Prism Central 跨站脚本漏洞

Nutanix Prism Central is a centralized management console from Nutanix USA. A security vulnerability exists in Nutanix Prism Central versions prior to 2024.3.1 that stems from a stored cross-site scripting vulnerability in the Events component that could lead to session hijacking...

9.3CVSS5.8AI score0.00311EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.6 views

PT-2025-33891 · Nutanix · Prism Central

Name of the Vulnerable Software and Affected Versions: Prism Central versions prior to 2024.3.1 Description: Prism Central is susceptible to a stored cross-site scripting attack through the Events component. This allows an attacker to hijack a victim user’s session and perform actions within that...

9.3CVSS6.4AI score0.00311EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2023/03/02 1:17 a.m.16 views

virt-who bug fix and enhancement update

An update is available for virt-who. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The virt-who service collects information about the connection between the...

0.3AI score
Exploits0
Rockylinux
Rockylinux
added 2023/01/12 8:25 a.m.11 views

virt-who bug fix and enhancement update

An update is available for virt-who. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The virt-who service collects information about the connection between the...

0.3AI score
Exploits0
Rockylinux
Rockylinux
added 2022/10/25 7:31 a.m.19 views

virt-who bug fix and enhancement update

An update is available for virt-who. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The virt-who service collects information about the connection between the...

0.3AI score
Exploits0
Rows per page
Query Builder