4 matches found
CVE-2022-20808
CVE-2022-20808 affects Cisco Smart Software Manager On-Prem (SSM On-Prem). The issue is a DoS caused by incorrect handling of multiple simultaneous device registrations, exploitable by an authenticated remote attacker sending multiple registration requests. The impact is an affected device experi...
Authorization
A vulnerability in the web UI of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to elevate privileges and create, read, update, or delete records and settings in multiple functions. This vulnerability is due to insufficient authorization of the Syst...
CVE-2021-34766
The CVE-2021-34766 issue affects Cisco Smart Software Manager On-Prem (SSM On-Prem) Web UI. The root cause is insufficient authorization for System User and System Operator capabilities, allowing an authenticated remote attacker to elevate privileges and perform create/read/update/delete actions ...
CVE-2020-3443
CVE-2020-3443 concerns Cisco Smart Software Manager On-Prem (SSM On-Prem). Root cause: insufficient authorization of the System Operator role capabilities, enabling an authenticated remote attacker to log in as System Operator, perform actions, and assume a higher privileged role. Impact: could g...