Lucene search
K

132 matches found

NVD
NVD
added 2017/08/17 8:29 p.m.18 views

CVE-2017-6771

A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by browsing to...

7.5CVSS7.4AI score0.01707EPSS
Exploits0References2
OSV
OSV
added 2017/08/17 8:29 p.m.5 views

CVE-2017-6771

A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by browsing to...

7.5CVSS5.8AI score0.01707EPSS
Exploits0References2
CVE
CVE
added 2017/08/17 8:0 p.m.50 views

CVE-2017-6771

The CVE-2017-6771 vulnerability affects the Cisco Ultra Services Framework AutoVNF automation tool, where an unauthenticated, remote attacker can view sensitive configuration data by browsing to a specific URL. Root cause: inadequate protection of sensitive data within AutoVNF. Impact: informatio...

7.5CVSS7.3AI score0.01707EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/08/17 8:0 p.m.20 views

CVE-2017-6771

A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by browsing to...

7.4AI score0.01707EPSS
Exploits0References2
Cisco
Cisco
added 2017/08/16 4:0 p.m.44 views

Cisco Ultra Services Framework AutoVNF Configuration Information Disclosure Vulnerability

A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by browsing to...

5.9CVSS7.4AI score0.01707EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/27 12:0 a.m.3 views

Cisco Ultra Services Framework Information Disclosure Vulnerability

Cisco Ultra Services Framework is an intelligent online service delivery platform from the U.S. company Cisco Cisco. An information disclosure vulnerability exists in the AutoVNF VNFStagingView class in Cisco Ultra Services Framework version 21.0.0, which stems from the program failing to...

7.5CVSS6.2AI score0.02559EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2017/07/11 7:0 a.m.30 views

Internet Explorer Memory Corruption Vulnerability

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory via the Microsoft Windows Text Services Framework. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An...

7.6CVSS1.7AI score0.50373EPSS
Exploits3
CNVD
CNVD
added 2017/07/07 12:0 a.m.2 views

Cisco Ultra Services Framework Information Disclosure Vulnerability

Cisco Ultra Services Framework is the United States Cisco Cisco a smart online services payment platform. An information disclosure vulnerability exists in the symboliclink symlink creation function of the AutoVNF tool in the Cisco Ultra Services Framework, which arises from the program failing t...

9.8CVSS9.2AI score0.01456EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/07 12:0 a.m.2 views

Cisco Ultra Services Framework AutoVNF User Credential Information Disclosure Vulnerability

Cisco Ultra Services Framework is an intelligent online service delivery platform from Cisco.AutoVNF tool is one of the virtualized network tools. An information disclosure vulnerability exists in the AutoVNF tool in Cisco Ultra Services Framework versions prior to 5.0.3 and versions prior to 5.1...

9.8CVSS6.4AI score0.01292EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/07 12:0 a.m.3 views

Cisco Ultra Services Framework Staging Server Arbitrary Command Execution Vulnerability

Cisco Ultra is the virtual, mobile services platform. A security vulnerability in the AutoIT service of the Cisco Ultra Services Framework Staging Server can be exploited by an unauthenticated, remote attacker to execute arbitrary shell commands as a Linux root user due to a failure to properly...

10CVSS7.6AI score0.042EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/07 12:0 a.m.3 views

Cisco Ultra Services Framework Unauthorized Access Vulnerability

Cisco Ultra Services Framework is an intelligent online service delivery platform from Cisco.Ultra Automation Service is one of the automation services. A security vulnerability exists in Cisco Ultra Services Framework for UAS versions prior to 5.0.3 and prior to 5.1. A remote attacker could...

9.1CVSS7AI score0.01555EPSS
Exploits0References1
NVD
NVD
added 2017/07/06 12:29 a.m.21 views

CVE-2017-6709

A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller ESC and Cisco OpenStack deployments in an affected system. The vulnerability exists because the...

9.8CVSS9.5AI score0.01292EPSS
Exploits0References1
OSV
OSV
added 2017/07/06 12:29 a.m.3 views

CVE-2017-6714

A vulnerability in the AutoIT service of Cisco Ultra Services Framework Staging Server could allow an unauthenticated, remote attacker to execute arbitrary shell commands as the Linux root user. The vulnerability is due to improper shell invocations. An attacker could exploit this vulnerability b...

9.8CVSS6.1AI score0.042EPSS
Exploits0References2
OSV
OSV
added 2017/07/06 12:29 a.m.5 views

CVE-2017-6709

A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller ESC and Cisco OpenStack deployments in an affected system. The vulnerability exists because the...

9.8CVSS5.8AI score0.01292EPSS
Exploits0References1
NVD
NVD
added 2017/07/06 12:29 a.m.20 views

CVE-2017-6708

A vulnerability in the symbolic link symlink creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive files or execute malicious code on an affected system. The vulnerability is due to the absence of...

9.8CVSS9.5AI score0.01456EPSS
Exploits0References2
NVD
NVD
added 2017/07/06 12:29 a.m.18 views

CVE-2017-6711

A vulnerability in the Ultra Automation Service UAS of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device. The vulnerability is due to an insecure default configuration of the Apache ZooKeeper service used by the...

9.1CVSS9.2AI score0.01555EPSS
Exploits0References2
Prion
Prion
added 2017/07/06 12:29 a.m.11 views

Input validation

A vulnerability in the symbolic link symlink creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive files or execute malicious code on an affected system. The vulnerability is due to the absence of...

7.5CVSS9.4AI score0.01456EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/07/06 12:29 a.m.16 views

Code injection

A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller ESC and Cisco OpenStack deployments in an affected system. The vulnerability exists because the...

5CVSS9.3AI score0.01292EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/07/06 12:0 a.m.21 views

CVE-2017-6709

A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller ESC and Cisco OpenStack deployments in an affected system. The vulnerability exists because the...

9.5AI score0.01292EPSS
Exploits0References1
CVE
CVE
added 2017/07/06 12:0 a.m.49 views

CVE-2017-6714

CVE-2017-6714 affects Cisco Ultra Services Framework Staging Server; the AutoIT service allows an unauthenticated remote attacker to execute arbitrary Linux shell commands as root due to improper shell invocations. Impact is confirmed as remote, unauthenticated arbitrary command execution with ro...

10CVSS9.7AI score0.042EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder