10 matches found
CVE-2026-20151
Cisco Smart Software Manager On-Prem (SSM On-Prem) web interface vulnerability allows an authenticated remote user to elevate privileges from low to administrative due to improper transmission of sensitive user information. Exploitation requires valid credentials (role: System User); attacker can...
CVE-2022-20939
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to inadequate protection of sensitive user information. An attacker could exploit this...
Cisco Smart Software Manager On-Prem Password Change (cisco-sa-cssm-auth-sLw3uhUy)
According to its self-reported version, Cisco Smart Software Manager On-Prem Password Change is affected by a vulnerability. - A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an unauthenticated, remote attacker to change the password of...
CVE-2024-20419
A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process...
CVE-2023-20110
CVE-2023-20110 affects Cisco Smart Software Manager On-Prem (SSM On-Prem). The web-based management interface fails to validate input, enabling an authenticated, low-privilege remote attacker to perform SQL injection and read data from the underlying database. Cisco and CNVD entries confirm the v...
CVE-2022-20808 Cisco Smart Software Manager On-Prem Denial of Service Vulnerability
A vulnerability in Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to incorrect handling of multiple simultaneous device registrations on Cisco SSM On-Prem. A...
CVE-2021-34766
A vulnerability in the web UI of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to elevate privileges and create, read, update, or delete records and settings in multiple functions. This vulnerability is due to insufficient authorization of the Syst...
The vulnerability in the web interface of the Cisco Smart Software Manager On-Prem administration tool allows a perpetrator to execute arbitrary commands.
The vulnerability of the web interface of the Cisco Smart Software Manager On-Prem administration tool is related to insufficient validation of entered data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with elevated privileges remotely...
Cisco Critical Flaw Patched in WAN Software Solution
Cisco patched a critical flaw in its wide area network WAN software solution for enterprises, which if exploited could give remote, unauthenticated attackers administrator privileges. The flaw exists in Cisco Virtual Wide Area Application Services vWAAS, which is software that Cisco describes as ...
CVE-2019-16029
A vulnerability in the application programming interface API of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service DoS condition of the web interface. The...