371 matches found
PT-2020-20293 · Salesagility · Suitecrm
Name of the Vulnerable Software and Affected Versions: SuiteCRM versions prior to 7.11.11 Description: The issue allows SQL Injection via the SOAP API, the EmailUIAjax interface, or the MailMerge module. Recommendations: For versions prior to 7.11.11, update to version 7.11.11 or later to resolve...
The vulnerability of the SOAP API interface of the Cisco Data Center Network Manager system allows a attacker to execute arbitrary commands.
The vulnerability of the SOAP API interface of the Cisco Data Center Network Manager DCNM system exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on t...
CVE-2019-15984
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DC...
CVE-2019-15985
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DC...
CVE-2019-15982
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...
CVE-2019-15983
A vulnerability in the SOAP API of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. To exploit this vulnerability, an attacker would need administrative privileges on the DCNM application...
Authentication flaw
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system OS. For more information about...
Directory traversal
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...
Sql injection
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DC...
CVE-2019-15978 Cisco Data Center Network Manager Command Injection Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system OS. For more information about...
CVE-2019-15978 Cisco Data Center Network Manager Command Injection Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system OS. For more information about...
CVE-2019-15979 Cisco Data Center Network Manager Command Injection Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system OS. For more information about...
CVE-2019-15979 Cisco Data Center Network Manager Command Injection Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system OS. For more information about...
CVE-2019-15980 Cisco Data Center Network Manager Path Traversal Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...
CVE-2019-15980 Cisco Data Center Network Manager Path Traversal Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...
CVE-2019-15981 Cisco Data Center Network Manager Path Traversal Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...
CVE-2019-15981 Cisco Data Center Network Manager Path Traversal Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...
CVE-2019-15982 Cisco Data Center Network Manager Path Traversal Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...
CVE-2019-15982 Cisco Data Center Network Manager Path Traversal Vulnerabilities
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...
CVE-2019-15983
CVE-2019-15983 is an XML External Entity (XXE) reading vulnerability in Cisco Data Center Network Manager (DCNM) SOAP API. The issue arises when the SOAP API parses certain XML files, allowing an authenticated user with administrative privileges to exploit XXE and read arbitrary files from the de...