Lucene search
K

237 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:36 a.m.6 views

CVE-2022-20663

A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability is due to insufficient...

6.1CVSS6.2AI score0.00472EPSS
Exploits0References1
NVD
NVD
added 2025/05/21 5:15 p.m.28 views

CVE-2025-20256

A vulnerability in the web-based management interface of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating...

7.2CVSS0.00498EPSS
Exploits0References1
OSV
OSV
added 2025/05/21 5:15 p.m.4 views

CVE-2025-20257

A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with low privileges to generate fraudulent findings that are used to generate alarms and alerts on an affected product. Th...

6.5CVSS5.8AI score0.00277EPSS
Exploits0References1
NVD
NVD
added 2025/05/21 5:15 p.m.14 views

CVE-2025-20257

A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with low privileges to generate fraudulent findings that are used to generate alarms and alerts on an affected product. Th...

6.5CVSS0.00277EPSS
Exploits0References1
CVE
CVE
added 2025/05/21 4:20 p.m.72 views

CVE-2025-20257

Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager are affected by CVE-2025-20257. The issue stems from insufficient authorization enforcement on a specific API, allowing an authenticated, low-privilege user to perform crafted API calls and generate fraudule...

6.5CVSS6.4AI score0.00277EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/21 4:20 p.m.16 views

CVE-2025-20257 Cisco Secure Network Analytics API Authorization Vulnerability

A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with low privileges to generate fraudulent findings that are used to generate alarms and alerts on an affected product. Th...

6.5CVSS6.8AI score0.00277EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/21 4:20 p.m.16 views

CVE-2025-20257 Cisco Secure Network Analytics API Authorization Vulnerability

A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with low privileges to generate fraudulent findings that are used to generate alarms and alerts on an affected product. Th...

6.5CVSS0.00277EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/21 4:19 p.m.15 views

CVE-2025-20256 Cisco Secure Network Analytics Manager Server-Side Template Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating...

6.5CVSS7.7AI score0.00498EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/21 4:19 p.m.23 views

CVE-2025-20256 Cisco Secure Network Analytics Manager Server-Side Template Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating...

6.5CVSS0.00498EPSS
Exploits0References1
CVE
CVE
added 2025/05/21 4:19 p.m.72 views

CVE-2025-20256

CVE-2025-20256 affects Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager. The issue is in the web-based management interface, caused by insufficient input validation in specific fields. An authenticated administrator can send crafted input to an affected de...

7.2CVSS6.8AI score0.00498EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2025/05/21 4:0 p.m.15 views

Cisco Secure Network Analytics Manager Privilege Escalation Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating...

6.5CVSS7.9AI score0.00498EPSS
Exploits0References1
Cisco
Cisco
added 2025/05/21 4:0 p.m.11 views

Cisco Secure Network Analytics Manager API Authorization Vulnerability

A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with low privileges to generate fraudulent findings that are used to generate alarms and alerts on an affected product. Th...

6.5CVSS7AI score0.00277EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/21 12:0 a.m.6 views

PT-2025-22380 · Cisco · Cisco Secure Network Analytics Virtual Manager +1

Name of the Vulnerable Software and Affected Versions: Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker with...

8.5CVSS7AI score0.00498EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/05/21 12:0 a.m.4 views

Cisco Secure Network Analytics Manager和Cisco Secure Network Analytics Virtual Manager 安全漏洞

Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager are both products of Cisco, Inc.Cisco Secure Network Analytics Manager is a secure network analytics manager. Cisco Secure Network Analytics Manager is a secure network analytics manager.Cisco Secure Network...

6.5CVSS6.6AI score0.00277EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/21 12:0 a.m.6 views

PT-2025-22381 · Cisco · Cisco Secure Network Analytics Manager +1

Name of the Vulnerable Software and Affected Versions: Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager affected versions not specified Description: A vulnerability in the API subsystem could allow an authenticated, remote attacker with low privileges to...

6.8CVSS6.1AI score0.00277EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/08 9:39 p.m.12 views

CVE-2025-47419

Cleartext Transmission of Sensitive Information vulnerability in Crestron Automate VX allows Sniffing Network Traffic. The device allows Web UI and API access over non-secure network ports which exposes sensitive information such as user passwords. This issue affects Automate VX: from...

10CVSS6.8AI score0.00248EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/05/06 4:53 p.m.17 views

CVE-2025-30165 Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration

vLLM is an inference and serving engine for large language models. In a multi-node vLLM deployment using the V0 engine, vLLM uses ZeroMQ for some multi-node communication purposes. The secondary vLLM hosts open a SUB ZeroMQ socket and connect to an XPUB socket on the primary vLLM host. When data ...

8CVSS7.8AI score0.00502EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/06 4:53 p.m.47 views

CVE-2025-30165 Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration

vLLM is an inference and serving engine for large language models. In a multi-node vLLM deployment using the V0 engine, vLLM uses ZeroMQ for some multi-node communication purposes. The secondary vLLM hosts open a SUB ZeroMQ socket and connect to an XPUB socket on the primary vLLM host. When data ...

8CVSS0.00502EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/06 12:0 a.m.4 views

PT-2025-19899

Name of the Vulnerable Software and Affected Versions vllm versions 0.5.2 through 0.8.5.post1 Description The issue exists in the V0 engine of vLLM, which uses ZeroMQ for multi-node communication. When data is received on the SUB ZeroMQ socket, it is deserialized with pickle, allowing for potenti...

8CVSS8.9AI score0.00502EPSS
Exploits0References21
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.7 views

The vulnerability in the web-based interface of the Cisco Secure Network Analytics system (previously known as Cisco Stealthwatch Enterprise) allows a malicious actor to elevate their privileges to the root level.

The vulnerability in the web-based interface of the Cisco Secure Network Analytics system, previously known as Cisco Stealthwatch Enterprise, is related to errors in verifying the cryptographic signature. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root...

6.2CVSS5.5AI score0.00327EPSS
Exploits0References2
Rows per page
Query Builder