Lucene search
+L

237 matches found

cnvd
cnvd
added 2023/04/07 12:0 a.m.11 views

Cisco Secure Network Analytics Remote Code Execution Vulnerability (CNVD-2023-85955)

Cisco Secure Network Analytics Stealthwatch is a solution that supports cross-platform network streaming data collection. A remote code execution vulnerability exists in Cisco Secure Network Analytics, which can be exploited by an attacker to execute code on an affected device...

7.2CVSS8AI score0.00897EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2023/04/06 12:0 a.m.4 views

The vulnerability in the web interface of the Cisco Secure Network Analytics system, previously known as Cisco Stealthwatch Enterprise, allows a perpetrator to execute arbitrary commands.

The vulnerability in the web interface of the Cisco Secure Network Analytics system, previously known as Cisco Stealthwatch Enterprise, involves the restoration of unreliable data in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on behalf of an...

9CVSS8AI score0.01005EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2023/04/05 11:0 p.m.3 views

CVE-2023-20102

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...

8.8CVSS7.6AI score0.01005EPSS
Exploits0References2
osv
osv
added 2023/04/05 7:15 p.m.2 views

CVE-2023-20102

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...

8.8CVSS7.6AI score0.01005EPSS
Exploits0References1
nvd
nvd
added 2023/04/05 7:15 p.m.14 views

CVE-2023-20102

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...

8.8CVSS8.8AI score0.01005EPSS
Exploits0References1
prion
prion
added 2023/04/05 7:15 p.m.12 views

Design/Logic Flaw

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...

6.5CVSS8.7AI score0.01005EPSS
Exploits0References1Affected Software1
prion
prion
added 2023/04/05 7:15 p.m.15 views

Input validation

A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code as a root user on an affected device. This vulnerability is due to insufficient validation of user input to the web interface. An attacker could exploit this vulnerability by...

5.8CVSS7.2AI score0.00897EPSS
Exploits0References1Affected Software1
cisco
cisco
added 2023/04/05 4:0 p.m.33 views

Cisco Secure Network Analytics Remote Code Execution Vulnerability

A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code as a root user on an affected device. This vulnerability is due to insufficient validation of user input to the web interface. An attacker could exploit this vulnerability by...

4.9CVSS6.4AI score0.00897EPSS
Exploits0References1
cisco
cisco
added 2023/04/05 4:0 p.m.36 views

Cisco Secure Network Analytics Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...

8.8CVSS8.8AI score0.01005EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/04/05 12:0 a.m.15 views

CVE-2023-20102 Cisco Secure Network Analytics Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...

8.8CVSS7.9AI score0.01005EPSS
Exploits0References1
cve
cve
added 2023/04/05 12:0 a.m.100 views

CVE-2023-20102

CVE-2023-20102 affects Cisco Secure Network Analytics (SNAN) via the web-based management interface. The issue arises from insufficient sanitization of user-supplied data parsed into system memory, allowing an authenticated, remote attacker to execute arbitrary code on the underlying OS as the ad...

8.8CVSS8.8AI score0.01005EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2023/04/05 12:0 a.m.5 views

Cisco Secure Network Analytics 代码问题漏洞

Cisco Secure Network Analytics is one of the most comprehensive visibility and Network Traffic Analysis Nta/Network Detection and Response Ndr solutions from Cisco, Inc. It is used to provide continuous, real-time monitoring and a universal view of all network traffic. A security vulnerability...

8.8CVSS7.9AI score0.01005EPSS
Exploits0References3
cve
cve
added 2023/04/05 12:0 a.m.48 views

CVE-2023-20103

Cisco Secure Network Analytics (Stealthwatch) remote code execution (CVE-2023-20103) arises from insufficient validation of input on the web interface, enabling an authenticated attacker to upload a crafted file and execute code as root on an affected device. The attack requires valid Administrat...

7.2CVSS6.4AI score0.00897EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2023/04/05 12:0 a.m.10 views

CVE-2023-20103 Cisco Secure Network Analytics Remote Code Execution Vulnerability

A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code as a root user on an affected device. This vulnerability is due to insufficient validation of user input to the web interface. An attacker could exploit this vulnerability by...

4.9CVSS7.9AI score0.00897EPSS
Exploits0References1
cvelist
cvelist
added 2023/04/05 12:0 a.m.18 views

CVE-2023-20103 Cisco Secure Network Analytics Remote Code Execution Vulnerability

A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code as a root user on an affected device. This vulnerability is due to insufficient validation of user input to the web interface. An attacker could exploit this vulnerability by...

4.9CVSS7.4AI score0.00897EPSS
Exploits0References1
cnnvd
cnnvd
added 2022/12/18 12:0 a.m.2 views

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A buffer error vulnerability exists in versions of the Linux kernel prior to 6.0.11, which stems from a missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless...

7.1CVSS6.8AI score0.00307EPSS
Exploits0References14
f5
f5
added 2022/12/16 12:2 a.m.83 views

K16863: Apache vulnerability CVE-2013-5704

Security Advisory Description The modheaders module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in...

5CVSS6.3AI score0.60205EPSS
Exploits2Affected Software19
osv
osv
added 2022/08/24 8:15 p.m.4 views

CVE-2022-32857

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A user in a privileged network position can track a user’s...

4.3CVSS6.3AI score0.00239EPSS
Exploits0References6
osv
osv
added 2022/05/27 2:15 p.m.5 views

CVE-2022-20797

A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. This vulnerability is due to...

9.1CVSS6.1AI score0.01501EPSS
Exploits0References1
nvd
nvd
added 2022/05/27 2:15 p.m.29 views

CVE-2022-20797

A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. This vulnerability is due to...

9.1CVSS0.01501EPSS
Exploits0References1
Rows per page
Query Builder