CVE-2024-20490

A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller NDFC and Cisco Nexus Dashboard Orchestrator NDO could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...

CVE-2013-1185

The web interface in the Manager component in Cisco Unified Computing System UCS 1.x and 2.x before 2.02m allows remote attackers to obtain sensitive information by reading a 1 technical-support bundle file or 2 on-device configuration backup, aka Bug ID CSCtq86543...

CVE-2024-20442

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. This vulnerability is due to insufficient authorization controls on some REST API endpoints. An attacker...

CVE-2024-20442

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. This vulnerability is due to insufficient authorization controls on some REST API endpoints. An attacker...

CVE-2024-20442 Cisco Nexus Dashboard Unauthorized API Endpoints Vulnerability

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. This vulnerability is due to insufficient authorization controls on some REST API endpoints. An attacker...

CVE-2024-20442

Cisco Nexus Dashboard exposes a REST API vulnerability due to insufficient authorization controls on certain endpoints. An authenticated, low-privileged, remote attacker could perform limited Administrator actions such as viewing portions of the web UI, generating config backups, or deleting tech...

PT-2024-8626 · Cisco · Cisco Nexus Dashboard

Name of the Vulnerable Software and Affected Versions: Cisco Nexus Dashboard affected versions not specified Description: A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an...

Cisco Nexus Dashboard 安全漏洞

Cisco Nexus Dashboard is a single console from Cisco, Inc. It can simplify the operation and management of data center networks. A security vulnerability exists in Cisco Nexus Dashboard that stems from the possibility that HTTP proxy credentials could be recorded in internal logs stored in...

Cisco Nexus Dashboard 安全漏洞

Cisco Nexus Dashboard is a single console from Cisco, Inc. It can simplify the operation and management of data center networks. A security vulnerability exists in Cisco Nexus Dashboard that originates when remote controller credentials are recorded in internal logs stored in technical support...

Cortex-XDR-Config-Extractor - Cortex XDR Config Extractor

This tool is meant to be used during Red Team Assessments and to audit the XDR Settings. With this tool its possible to parse the Database Lock Files of the Cortex XDR Agent by Palo Alto Networks and extract Agent Settings, the Hash and Salt of the Uninstall Password, as well as possible...

Palo Alto Networks Cortex XDR Information Disclosure Vulnerability

Palo Alto Networks Cortex XDR is a security operations platform for remote endpoint-based detection from Palo Alto Networks Malaysia. A security vulnerability exists in the Palo Alto Networks Cortex XDR agent that can be exploited by an attacker to read the contents of any file on the system with...

Cisco Application Services Engine Unauthorized Access Vulnerabilities (cisco-sa-case-mvuln-dYrDPC6w)

According to its self-reported version, Cisco Application Services Engine affected by multiple Unauthorized Access Vulnerabilities. - A vulnerability in Cisco Application Services Engine could allow an unauthenticated, remote attacker to access a privileged service on an affected device. The...

October 2012 cumulative time zone update for Windows operating systems

October 2012 cumulative time zone update for Windows operating systems Summary This update supersedes and replaces update 2633952, which was released in December 2011 and 2732052 which was released in August 2012 through Download Center. All additional time zone changes released as hotfixes after...

Palo Alto Networks VM Series firewalls trust management issue vulnerability

Palo Alto Networks VM Series firewalls is a virtualized firewall product from Palo Alto Networks, USA. A trust management issue vulnerability exists in Palo Alto Networks VM Series firewalls that stems from the inclusion of account credentials in technical support files. An attacker could exploit...

Atlassian Jira 8.2 < 8.5.4 Support Files Improper Authorization Vulnerability (JRASERVER-70564)

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 8.2.x prior to 8.5.4. It is, therefore, affected by an improper authorization vulnerability. Support zip files could be downloaded by a system administrator user without...

Improper authorization on support files vulnerability in Jira - CVE-2019-20402

Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded by a System Administrator user without requiring the user to re-enter their password via an improper authorization vulnerability...

Open Source Malware Analysis Platform: FAME

Open Source Malware Analysis Platform FAME is an open source malware analysis platform that is meant to facilitate analysis of malware-related files, leveraging as much knowledge as possible in order to speed up and automate end-to-end analysis. FAME should be seen as a malware analysis framework...

Description of the cumulative update for Office Communications Server 2007 R2, Mediation Server: April 2010

Describes the issues that are fixed in the cumulative update package for Office Communications Server 2007 R2, Mediation Server that is dated April 2010.SummaryThis article describes the Office Communications Server 2007 R2, Mediation Server issues that are fixed in the Office Communications Serv...

An update is available for System Center Advisor: May 2012

An update is available for System Center Advisor: May 2012 Summary Microsoft has released the on-premises client Update Rollup 1 for Microsoft System Center Advisor. This update is dated May 22, 2012. This article describes the following information about the update: The issues that the update...

Description of the cumulative update for Lync Server 2010, Administrative Tools: February 2012

Describes the issues that are resolved in the cumulative update package for Lync Server 2010, Administration Tools that is dated February 2012.SummaryThis article describes the issues that are fixed in the update package for Microsoft Lync Server 2010, Administration Tools that is dated February...