Lucene search
K

179 matches found

The Hacker News
The Hacker News
added 2022/02/18 5:19 a.m.71 views

Attackers Can Crash Cisco Email Security Appliances by Sending Malicious Emails

Cisco has released security updates to contain three vulnerabilities affecting its products, including one high-severity flaw in its Email Security Appliance ESA that could result in a denial-of-service DoS condition on an affected device. The weakness, assigned the identifier CVE-2022-20653 CVSS...

7.5CVSS1.4AI score0.01804EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/02/17 12:0 a.m.3 views

CVE-2022-20659

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network EPN Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This...

6.1CVSS6.8AI score0.01213EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/02/01 12:0 a.m.4 views

The vulnerability in the web interface of the software system for monitoring and managing Cisco Prime Infrastructure network equipment, as well as the Cisco Evolved Programmable Network Manager software for managing network services, allows a perpetrator to write arbitrary files.

The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager software relates to deficiencies in path name checking for access-limited directories. Exploiting this vulnerability could allow a malicious actor to...

6.5CVSS5.5AI score0.01649EPSS
Exploits0References2Affected Software2
Cisco
Cisco
added 2022/01/12 4:0 p.m.32 views

Cisco Prime Infrastructure and Evolved Programmable Network Manager Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an attacker to conduct a path traversal attack on an affected device or conduct a cross-site scripting XSS attack against a user of the...

6.5CVSS6.2AI score0.01649EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/12 12:0 a.m.4 views

Cisco Evolved Programmable Network Manager和Cisco Prime Infrastructure 安全漏洞

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure are both products of Cisco Corporation.Cisco Evolved Programmable Network Manager is a network management Cisco Prime Infrastructure is a software application. Cisco Evolved Programmable Network Manager is a network...

6.5CVSS5.6AI score0.01649EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/01/12 12:0 a.m.4 views

Cisco Prime Infrastructure 和 Evolved Programmable Network Manager 跨站脚本漏洞

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure are both products of Cisco Corporation.Cisco Evolved Programmable Network Manager is a network management Cisco Prime Infrastructure is a software application. Cisco Prime Infrastructure is a software application used to...

6.1CVSS5.7AI score0.00496EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/01/12 12:0 a.m.6 views

PT-2022-1438 · Cisco · Cisco Prime Infrastructure +1

Name of the Vulnerable Software and Affected Versions: Cisco Prime Infrastructure versions affected versions not specified Cisco Evolved Programmable Network Manager versions affected versions not specified Description: The issue is related to insufficient input validation of the HTTPS URL by the...

6.5CVSS7.3AI score0.01649EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2021/12/13 12:0 a.m.3 views

The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM), allows a perpetrator to execute arbitrary code and gain access to protected information.

The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager software relates to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a malicious actor to execute...

6.4CVSS6.3AI score0.0058EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/12/09 12:0 a.m.5 views

The vulnerability of the CLI component of the Cisco Prime Infrastructure monitoring and network management system, as well as the Cisco Evolved Programmable Network (EPN) Manager software, allows a malicious individual to gain unauthorized access to the device.

The vulnerability of the CLI component of the Cisco Prime Infrastructure monitoring and network management system, as well as the Cisco Evolved Programmable Network EPN Manager software, is related to insufficient protection for registration data. Exploiting this vulnerability can allow an attack...

5.5CVSS5.9AI score0.00225EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2021/11/04 4:15 p.m.16 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an...

3.5CVSS5.3AI score0.0058EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2021/11/04 3:40 p.m.26 views

CVE-2021-34784 Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an...

5.4CVSS5.4AI score0.0058EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/11/04 3:40 p.m.16 views

CVE-2021-34784 Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an...

5.4CVSS5.8AI score0.0058EPSS
Exploits0References1
NCSC
NCSC
added 2021/09/02 12:0 a.m.4 views

Vulnerability fixed in Cisco Prime Infrastructure and Evolved Programmable Network Manager

Cisco has fixed a vulnerability in Prime Infrastructure and Evolved Programmable Network Manager. An authenticated malicious person with access to the command-line interface could exploit the exploit the vulnerability to gain access to sensitive information. Cisco has released updates to fix the...

5.5CVSS7AI score0.00225EPSS
Exploits0
Cisco
Cisco
added 2021/09/01 4:0 p.m.53 views

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Information Disclosure Vulnerability

A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, local attacker to access sensitive information stored on the underlying file system of an affected system. This vulnerability exists because sensitive...

5.5CVSS5.5AI score0.00225EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/09/01 12:0 a.m.3 views

Cisco Prime Infrastructure信息泄露漏洞

Cisco Prime Infrastructure is a software application from Cisco USA. It is used to simplify the management of wireless and wired networks. An information disclosure vulnerability exists in Cisco Prime Infrastructure and Evolved Programmable Network Manager, which stems from a vulnerability in the...

5.5CVSS5.8AI score0.00225EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/08/13 12:0 a.m.34 views

Cisco Evolved Programmable Network Manager Information Disclosure (cisco-sa-epnm-info-disc-PjTZ5r6C)

An information disclosure vulnerability exists in Cisco Evolved Programmable Network Manager. An authenticated, remote attacker can exploit this, by sending a specific API request to the affected application, to disclose potentially sensitive information about the application. Please see the...

6.5CVSS6.5AI score0.01095EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2021/08/04 5:20 p.m.9 views

CVE-2021-34707 Cisco Evolved Programmable Network Manager Sensitive Information Disclosure Vulnerability

A vulnerability in the REST API of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to access sensitive data on an affected system. This vulnerability exists because the application does not sufficiently protect sensitive data when responding to an API...

6.5CVSS6.2AI score0.01095EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/08/04 5:20 p.m.17 views

CVE-2021-34707 Cisco Evolved Programmable Network Manager Sensitive Information Disclosure Vulnerability

A vulnerability in the REST API of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to access sensitive data on an affected system. This vulnerability exists because the application does not sufficiently protect sensitive data when responding to an API...

6.5CVSS6.4AI score0.01095EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/05/24 12:0 a.m.4 views

The vulnerability of the Cisco Prime Infrastructure monitoring and management system, the Cisco Evolved Programmable Network (EPN) Manager software for managing network services, and the Cisco Identity Services Engine platform for managing connection policies arises from improper external control of file names or paths. This allows attackers to write arbitrary files.

The vulnerability of the Cisco Prime Infrastructure monitoring and management system, the Cisco Evolved Programmable Network EPN Manager software for managing network services, and the Cisco Identity Services Engine connection policy management platform are related to improper external manipulati...

4.4CVSS5.5AI score0.00212EPSS
Exploits0References2Affected Software3
CNVD
CNVD
added 2021/05/21 12:0 a.m.4 views

Cisco Prime Infrastructure Operating System Command Injection Vulnerability

Cisco Prime Infrastructure is a software application from Cisco USA. It is used to simplify the management of wireless and wired networks. An operating system command injection vulnerability exists in Cisco Prime Infrastructure and Evolved Programmable Network EPN Manager, which can be exploited ...

9CVSS8.1AI score0.02115EPSS
Exploits0References1
Rows per page
Query Builder