75 matches found
CVE-2019-1841 Cisco DNA Center Unintended Proxy Via SWIM Import Interface Vulnerability
A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...
CVE-2019-1841
Cisco DNA Center’s Software Image Management (SWIM) import interface vulnerability (CVE-2019-1841) allows an authenticated, remote attacker to access internal services without extra authentication due to insufficient input validation. Affected: Cisco DNA Center versions prior to 1.2.5. Impact des...
Cisco DNA Center Unintended Proxy Via SWIM Import Interface Vulnerability
A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...
PT-2019-1991 · Cisco · Cisco Dna Center
Name of the Vulnerable Software and Affected Versions: Cisco DNA Center versions prior to 1.2.5 Description: A vulnerability in the Software Image Management feature could allow an authenticated, remote attacker to access internal services without additional authentication. This issue is due to...
Input validation
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability is due to improper verification of digital signature...
CVE-2019-1615
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability is due to improper verification of digital signature...
PT-2018-2066 · Cisco · Cisco Asa
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Description: A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, but unprivileged levels...
CVE-2018-15370 Cisco Catalyst 6800 Series Switches ROM Monitor Software Secure Boot Bypass Vulnerability
A vulnerability in Cisco IOS ROM Monitor ROMMON Software for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, local attacker to bypass Cisco Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to the presence of a...
CVE-2018-15374
CVE-2018-15374 describes a digital signature verification bypass in the Cisco IOS XE Software Image Verification feature. An authenticated, local attacker could upload a legitimate-looking but malicious software image or file to an affected device, exploiting improper verification to bypass signa...
CVE-2017-12333
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-OS signature verification for software images. An authenticated, local attacker could exploit thi...
CVE-2017-12333
CVE-2017-12333 : Cisco NX-OS System Software contains a vulnerability that allows an authenticated, local attacker to bypass signature verification when loading a software image due to insufficient NX-OS signature verification. Affected products include Multilayer Director Switches, Nexus 7000 Se...
Cisco NX-OS System Software Image Signature Bypass Vulnerability
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-OS signature verification for software images. An authenticated, local attacker could exploit thi...
Cisco Unified IP Phones Multiple Vulnerabilities (cisco-sa-20110601-phone)
According to its self-reported version, the version of the Cisco Unified IP Phone software running on the remote device has the following vulnerabilities : - Cisco Unified IP Phones 7900 series are prone to privilege escalation vulnerabilities. An authenticated attacker could exploit this issue t...
Viscom Software Image Viewer ActiveX TIFMergeMultiFiles Vulnerability
Added: 11/28/2011 BID: 50712 Background Viscom Image Viewer CP is an image viewer ActiveX control that supports many popular image file formats, zoom in, zoom out, panning, auto zoom and auto scrolling when drawing the selection rectangle. Problem The ImageViewer2.OCX ActiveX control in Image...
Cisco Unified IP Phones 7900 Series Unsigned Code Installation Vulnerability
Cisco Unified IP Phones 7900 Series devices contain a vulnerability that could allow an authenticated, local attacker to load a software image without verification. The vulnerability is due to insecure security checks on software images. An authenticated, local attacker could exploit this...