Lucene search
K

8 matches found

Prion
Prion
added 2016/09/22 5:59 p.m.22 views

Cross site scripting

The Zone-Based Firewall ZBFW functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these...

4.3CVSS7.4AI score0.01255EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2016/01/23 5:59 a.m.17 views

Design/Logic Flaw

Cisco Identity Services Engine ISE before 2.0 allows remote authenticated users to bypass intended web-resource access restrictions via a direct request, aka Bug ID CSCuu45926...

6.8CVSS6.7AI score0.01455EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2016/01/23 2:0 a.m.52 views

CVE-2015-6317

Cisco Identity Services Engine (ISE) versions prior to 2.0 are vulnerable to an unauthorized access flaw where a low-privileged, authenticated user can bypass web-resource access restrictions by requesting resources directly. The root cause is improper filtering of web resources for administrativ...

6.8CVSS6.1AI score0.01455EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2015/04/11 1:59 a.m.20 views

CVE-2015-0694

Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806...

5CVSS6.9AI score0.01643EPSS
Exploits0References2
Prion
Prion
added 2015/04/11 1:59 a.m.18 views

Design/Logic Flaw

Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806...

5CVSS7.5AI score0.01643EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/04/11 1:0 a.m.18 views

CVE-2015-0694

Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806...

6.9AI score0.01643EPSS
Exploits0References2
Prion
Prion
added 2015/02/17 1:59 a.m.22 views

Authentication flaw

Cisco Adaptive Security Appliance ASA Software 9.2.3 and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID...

4CVSS6.9AI score0.01782EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2015/02/17 1:0 a.m.24 views

CVE-2014-8023

Cisco Adaptive Security Appliance ASA Software 9.2.3 and earlier, when challenge-response authentication is used, does not properly select tunnel groups, which allows remote authenticated users to bypass intended resource-access restrictions via a crafted tunnel-group parameter, aka Bug ID...

6.4AI score0.01782EPSS
Exploits0References5
Rows per page
Query Builder