237 matches found
Cisco Secure Network Analytics Remote Code Execution Vulnerability (CNVD-2023-85955)
Cisco Secure Network Analytics Stealthwatch is a solution that supports cross-platform network streaming data collection. A remote code execution vulnerability exists in Cisco Secure Network Analytics, which can be exploited by an attacker to execute code on an affected device...
The vulnerability in the web interface of the Cisco Secure Network Analytics system, previously known as Cisco Stealthwatch Enterprise, allows a perpetrator to execute arbitrary commands.
The vulnerability in the web interface of the Cisco Secure Network Analytics system, previously known as Cisco Stealthwatch Enterprise, involves the restoration of unreliable data in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on behalf of an...
CVE-2023-20102
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...
CVE-2023-20102
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...
CVE-2023-20102
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...
Design/Logic Flaw
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...
Input validation
A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code as a root user on an affected device. This vulnerability is due to insufficient validation of user input to the web interface. An attacker could exploit this vulnerability by...
Cisco Secure Network Analytics Remote Code Execution Vulnerability
A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code as a root user on an affected device. This vulnerability is due to insufficient validation of user input to the web interface. An attacker could exploit this vulnerability by...
Cisco Secure Network Analytics Remote Code Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...
CVE-2023-20102 Cisco Secure Network Analytics Remote Code Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...
CVE-2023-20102
CVE-2023-20102 affects Cisco Secure Network Analytics (SNAN) via the web-based management interface. The issue arises from insufficient sanitization of user-supplied data parsed into system memory, allowing an authenticated, remote attacker to execute arbitrary code on the underlying OS as the ad...
Cisco Secure Network Analytics 代码问题漏洞
Cisco Secure Network Analytics is one of the most comprehensive visibility and Network Traffic Analysis Nta/Network Detection and Response Ndr solutions from Cisco, Inc. It is used to provide continuous, real-time monitoring and a universal view of all network traffic. A security vulnerability...
CVE-2023-20103
Cisco Secure Network Analytics (Stealthwatch) remote code execution (CVE-2023-20103) arises from insufficient validation of input on the web interface, enabling an authenticated attacker to upload a crafted file and execute code as root on an affected device. The attack requires valid Administrat...
CVE-2023-20103 Cisco Secure Network Analytics Remote Code Execution Vulnerability
A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code as a root user on an affected device. This vulnerability is due to insufficient validation of user input to the web interface. An attacker could exploit this vulnerability by...
CVE-2023-20103 Cisco Secure Network Analytics Remote Code Execution Vulnerability
A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code as a root user on an affected device. This vulnerability is due to insufficient validation of user input to the web interface. An attacker could exploit this vulnerability by...
Linux kernel 缓冲区错误漏洞
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A buffer error vulnerability exists in versions of the Linux kernel prior to 6.0.11, which stems from a missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless...
K16863: Apache vulnerability CVE-2013-5704
Security Advisory Description The modheaders module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in...
CVE-2022-32857
This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A user in a privileged network position can track a user’s...
CVE-2022-20797
A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. This vulnerability is due to...
CVE-2022-20797
A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. This vulnerability is due to...