4947 matches found
Authorization
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory...
Authorization
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1135
CVE-2021-1135 concerns Cisco Data Center Network Manager (DCNM) REST API vulnerabilities. The issue arises from an incorrect denylist comparison in a REST API path, enabling an authenticated, remote attacker to view, modify, or delete data without proper authorization. Affected DCNM versions prio...
CVE-2021-1135 Cisco Data Center Network Manager REST API Vulnerabilities
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1248 Cisco Data Center Network Manager SQL Injection Vulnerabilities
Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1248
CVE-2021-1248 affects Cisco Data Center Network Manager (DCNM) with multiple SQL injection vulnerabilities in certain REST API endpoints. An authenticated, remote attacker could execute arbitrary SQL commands on an affected device. Connected sources confirm DCNM SQL-injection vulnerabilities and ...
CVE-2021-1248 Cisco Data Center Network Manager SQL Injection Vulnerabilities
Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1247
Cisco Data Center Network Manager (DCNM) is affected by multiple SQL injection vulnerabilities in REST API endpoints. The root cause, as described in linked advisories, is insufficient input validation in DCNM REST API handling, which could allow an authenticated, remote attacker to execute arbit...
CVE-2021-1255 Cisco Data Center Network Manager REST API Vulnerabilities
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1255
Cisco DCNM REST API path and data handling vulnerabilities (CVE-2021-1255) allow an authenticated, remote attacker to view, modify, and delete data due to insufficient authorization checks in a DCNM REST endpoint. Public sources reference path traversal in DCNM versions prior to 11.4(1) and a bro...
CVE-2021-1255 Cisco Data Center Network Manager REST API Vulnerabilities
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1133 Cisco Data Center Network Manager REST API Vulnerabilities
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1133
Cisco DCNM REST API vulnerabilities allow an authenticated, remote attacker to view, modify, and delete data due to insufficient API input validation, including a path traversal issue described in CNVD-2021-09309. The CVE entry covers multiple REST API weaknesses in DCNM, affecting version prior ...
CVE-2021-1133 Cisco Data Center Network Manager REST API Vulnerabilities
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory...
Cisco Data Center Network Manager SQL Injection Vulnerabilities
Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. For more information about these vulnerabilities, see the Details "details" section of this...
Cisco Data Center Network Manager REST API Vulnerabilities
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details "details" section of this...
[SECURITY] Fedora 32 Update: coturn-4.5.2-1.fc32
The Coturn TURN Server is a VoIP media traffic NAT traversal server and gat eway. It can be used as a general-purpose network traffic TURN server/gateway, to o. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relayin...
Cisco Data Center Network Manager 安全漏洞
Cisco Data Center Network Manager DCNM is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. A configuration bypass vulnerability exists in one of the REST API endpoints in...
CVE-2021-21246
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check to make sure that only administrators can list user details. However for the /users/id endpoint there are no security checks enforced so it is possible to retrieve...
Design/Logic Flaw
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check to make sure that only administrators can list user details. However for the /users/id endpoint there are no security checks enforced so it is possible to retrieve...