Lucene search
K

132 matches found

CVE
CVE
added 2017/07/06 12:0 a.m.60 views

CVE-2017-6711

Summary (CVE-2017-6711): Cisco Ultra Services Framework’s Ultra Automation Service (UAS) is vulnerable due to an insecure default ZooKeeper configuration. An unauthenticated, remote attacker could access the device via the orchestrator network, gain access to ZooKeeper znodes, and influence the s...

9.1CVSS9.1AI score0.01555EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/07/06 12:0 a.m.21 views

CVE-2017-6709

A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller ESC and Cisco OpenStack deployments in an affected system. The vulnerability exists because the...

9.5AI score0.01292EPSS
Exploits0References1
CVE
CVE
added 2017/07/06 12:0 a.m.49 views

CVE-2017-6714

CVE-2017-6714 affects Cisco Ultra Services Framework Staging Server; the AutoIT service allows an unauthenticated remote attacker to execute arbitrary Linux shell commands as root due to improper shell invocations. Impact is confirmed as remote, unauthenticated arbitrary command execution with ro...

10CVSS9.7AI score0.042EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/07/06 12:0 a.m.14 views

CVE-2017-6711

A vulnerability in the Ultra Automation Service UAS of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device. The vulnerability is due to an insecure default configuration of the Apache ZooKeeper service used by the...

9.2AI score0.01555EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/07/06 12:0 a.m.21 views

CVE-2017-6708

A vulnerability in the symbolic link symlink creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive files or execute malicious code on an affected system. The vulnerability is due to the absence of...

9.5AI score0.01456EPSS
Exploits0References2
Cisco
Cisco
added 2017/07/05 4:0 p.m.38 views

Cisco Ultra Services Framework UAS Unauthenticated Access Vulnerability

A vulnerability in the Ultra Automation Service UAS of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device. The vulnerability is due to an insecure default configuration of the Apache ZooKeeper service used by the...

9.1CVSS9.4AI score0.01555EPSS
Exploits0References1
Cisco
Cisco
added 2017/07/05 4:0 p.m.34 views

Cisco Ultra Services Framework AutoVNF Log File User Credential Information Disclosure Vulnerability

A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller ESC and Cisco OpenStack deployments in an affected system. The vulnerability exists because the...

7.5CVSS9.5AI score0.01292EPSS
Exploits0References1
Cisco
Cisco
added 2017/07/05 4:0 p.m.34 views

Cisco Ultra Services Framework Staging Server Arbitrary Command Execution Vulnerability

A vulnerability in the AutoIT service of Cisco Ultra Services Framework Staging Server could allow an unauthenticated, remote attacker to execute arbitrary shell commands as the Linux root user. The vulnerability is due to improper shell invocations. An attacker could exploit this vulnerability b...

9.8CVSS9.9AI score0.042EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/15 12:0 a.m.2 views

Cisco Ultra Services Framework Remote Security Bypass Vulnerability

Cisco Ultra Services Framework is the United States Cisco Cisco a smart online services payment platform. A security vulnerability exists in the AutoVNF login function in Cisco Ultra Services Framework, which is a program that fails to perform sufficient detection when creating a directory on a...

7.5CVSS7AI score0.01352EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/15 12:0 a.m.2 views

Cisco Ultra Services Framework Element Manager Insecure Default Password Vulnerability Vulnerability

Cisco Ultra Services Framework is an intelligent online services payment platform from Cisco, Inc.Element Manager is one of the software used to manage server switches. A security vulnerability exists in Cisco Ultra Services Framework Element Manager. A remote attacker could exploit the...

8.8CVSS6.9AI score0.01499EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/15 12:0 a.m.2 views

Cisco Ultra Services Framework Element Manager Default Password Vulnerability

Cisco Ultra Services Framework is an intelligent online services payment platform from Cisco, Inc.Element Manager is one of the software used to manage server switches. A security vulnerability exists in the Cisco Ultra Services Framework Element Manager that stems from the use of default static...

9CVSS7AI score0.02276EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/15 12:0 a.m.4 views

Cisco Ultra Services Framework Element Manager Default Credentials Security Bypass Vulnerability

Cisco Ultra Services Framework is an intelligent online services payment platform from Cisco, Inc.Element Manager is one of the software used to manage server switches. A security vulnerability exists in Cisco Ultra Services Framework Element Manager. A remote attacker could exploit the...

8.8CVSS6.9AI score0.01499EPSS
Exploits0References1
NVD
NVD
added 2017/06/13 6:29 a.m.12 views

CVE-2017-6685

A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76681. Known Affected...

8.8CVSS8.6AI score0.01499EPSS
Exploits0References2
NVD
NVD
added 2017/06/13 6:29 a.m.22 views

CVE-2017-6680

A vulnerability in the AutoVNF logging function of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to create arbitrary directories on the affected system. More Information: CSCvc76652. Known Affected Releases: 21.0.0...

7.5CVSS7.6AI score0.01352EPSS
Exploits0References2
NVD
NVD
added 2017/06/13 6:29 a.m.15 views

CVE-2017-6686

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affected device, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76699. Known...

8.8CVSS8.6AI score0.01499EPSS
Exploits0References2
NVD
NVD
added 2017/06/13 6:29 a.m.15 views

CVE-2017-6687

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default credentials present on the system, aka an Insecure Default Password Vulnerability. More Information:...

8.8CVSS8.6AI score0.01499EPSS
Exploits0References2
OSV
OSV
added 2017/06/13 6:29 a.m.4 views

CVE-2017-6685

A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76681. Known Affected...

8.8CVSS5.8AI score0.01499EPSS
Exploits0References2
NVD
NVD
added 2017/06/13 6:29 a.m.18 views

CVE-2017-6692

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker to log in to the device with the privileges of the root user, aka an Insecure Default Account Information Vulnerability. More Information: CSCvd85710. Known Affected Releases:...

9CVSS8.6AI score0.02276EPSS
Exploits0References2
Prion
Prion
added 2017/06/13 6:29 a.m.11 views

Default credentials

A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76681. Known Affected...

6.5CVSS8.4AI score0.01499EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/06/13 6:29 a.m.19 views

Design/Logic Flaw

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker to log in to the device with the privileges of the root user, aka an Insecure Default Account Information Vulnerability. More Information: CSCvd85710. Known Affected Releases:...

9CVSS8.5AI score0.02276EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder