Lucene search
K

14899 matches found

OpenVAS
OpenVAS
added 2021/11/06 12:0 a.m.30 views

Fedora: Security Advisory for ansible (FEDORA-2021-0e7910e389)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.5CVSS6.3AI score0.00384EPSS
Exploits0References2
OSV
OSV
added 2021/11/05 4:55 p.m.8 views

SUSE-SU-2021:3621-1 Security update for SUSE Manager Server 4.1

This update fixes the following issues: grafana-formula: - Version 0.4.2 Add SSH blackbox status check panel to clients dashboard Migrate deprecated panels in clients dashboard prometheus-formula: - Version 0.3.4 Fix opening Prometheus ports on proxy - Version 0.3.3 Add Prometheus targets...

7.5CVSS7.7AI score0.03449EPSS
Exploits0References23
The Hacker News
The Hacker News
added 2021/11/05 6:15 a.m.48 views

Hardcoded SSH Key in Cisco Policy Suite Lets Remote Hackers Gain Root Access

Cisco Systems has released security updates to address vulnerabilities in multiple Cisco products that could be exploited by an attacker to log in as a root user and take control of vulnerable systems. Tracked as CVE-2021-40119, the vulnerability has been rated 9.8 in severity out of a maximum of...

10CVSS9.3AI score0.04631EPSS
Exploits0
NVD
NVD
added 2021/11/04 4:15 p.m.17 views

CVE-2021-40119

A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user. This vulnerability is due to the re-use of static SSH keys across installations. An attacker could exploit this...

10CVSS0.02417EPSS
Exploits0References1
Prion
Prion
added 2021/11/04 4:15 p.m.24 views

Authentication flaw

A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user. This vulnerability is due to the re-use of static SSH keys across installations. An attacker could exploit this...

10CVSS9.4AI score0.02417EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/11/04 3:35 p.m.61 views

CVE-2021-40119

CVE-2021-40119 affects Cisco Policy Suite. The root cause is reuse of static SSH keys across installations, enabling an unauthenticated attacker to log in as root via SSH to vulnerable devices. Cisco issued advisories and software updates; starting with Policy Suite releases 21.2.0 and later, dev...

10CVSS9.6AI score0.02417EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/04 3:35 p.m.20 views

CVE-2021-40119 Cisco Policy Suite Static SSH Keys Vulnerability

A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user. This vulnerability is due to the re-use of static SSH keys across installations. An attacker could exploit this...

9.8CVSS9.7AI score0.02417EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/11/04 3:35 p.m.12 views

CVE-2021-40119 Cisco Policy Suite Static SSH Keys Vulnerability

A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user. This vulnerability is due to the re-use of static SSH keys across installations. An attacker could exploit this...

9.8CVSS7.2AI score0.02417EPSS
Exploits0References1
Fedora
Fedora
added 2021/11/04 1:34 a.m.37 views

[SECURITY] Fedora 34 Update: ansible-2.9.27-1.fc34

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

5.5CVSS6.2AI score0.00384EPSS
Exploits0
Fedora
Fedora
added 2021/11/04 1:24 a.m.42 views

[SECURITY] Fedora 33 Update: ansible-2.9.27-1.fc33

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

5.5CVSS6.2AI score0.00384EPSS
Exploits0
CISA
CISA
added 2021/11/04 12:0 a.m.18 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

7AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/11/04 12:0 a.m.48 views

F5 Networks BIG-IP : libssh2 vulnerabilities (K90011301)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.8 / 16.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the K90011301 advisory. CVE-2019-3856An integer overflow flaw, which could lead to an out of bounds write, was discovered in libss...

8.8CVSS7.8AI score0.06131EPSS
Exploits0References4
Cisco
Cisco
added 2021/11/03 4:0 p.m.39 views

Cisco Policy Suite Static SSH Keys Vulnerability

A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user. This vulnerability is due to a weakness in the SSH subsystem of an affected system. An attacker could exploit this...

9.8CVSS9.6AI score0.02417EPSS
Exploits0References1
Fedora
Fedora
added 2021/11/02 1:4 a.m.32 views

[SECURITY] Fedora 35 Update: ansible-2.9.27-1.fc35

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

5.5CVSS6.2AI score0.00384EPSS
Exploits0
NVD
NVD
added 2021/10/27 7:15 p.m.13 views

CVE-2021-34781

A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to a lack of proper error...

8.6CVSS0.01346EPSS
Exploits0References1
Prion
Prion
added 2021/10/27 7:15 p.m.26 views

Design/Logic Flaw

A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to a lack of proper error...

7.1CVSS7.5AI score0.01346EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2021/10/27 6:55 p.m.19 views

CVE-2021-34781 Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability

A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to a lack of proper error...

8.6CVSS8.6AI score0.01346EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/10/27 6:55 p.m.15 views

CVE-2021-34781 Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability

A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to a lack of proper error...

8.6CVSS7AI score0.01346EPSS
Exploits0References1
CVE
CVE
added 2021/10/27 6:55 p.m.77 views

CVE-2021-34781

The CVE-2021-34781 issue affects Cisco Firepower Threat Defense (FTD) Software in multi-Instance deployments, where improper error handling during SSH session establishment allows an unauthenticated, remote attacker to trigger resource exhaustion and a DoS condition. Exploitation involves sending...

8.6CVSS7.9AI score0.01346EPSS
Exploits0References1Affected Software3
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.26 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : cloud-init Multiple Vulnerabilities (NS-SA-2021-0151)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has cloud-init packages installed that are affected by multiple vulnerabilities: - The default cloud-init configuration, in cloud-init 0.6.2 and newer, included sshdeletekeys: 0, disabling cloud-init's deletion of ssh host keys...

7.1CVSS6.2AI score0.01403EPSS
Exploits0References9
Rows per page
Query Builder