21 matches found
EUVD-2020-24524
Malware in sbrugna...
EUVD-2018-1098
Malware in sbrugna...
Cisco Firepower Threat Defense Software Shell Access (cisco-sa-ftd-shell-9rhJF68K)
According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a shell access vulnerability in the support tunnel feature due to improper configuration of that feature. An authenticated, local attacker can exploit this, by enabling the support tunnel, setting a key...
CVE-2020-3253
A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature...
CVE-2020-3253
A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature...
Input validation
A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature...
CVE-2020-3253 Cisco Firepower Threat Defense Software Shell Access Vulnerability
A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature...
CVE-2020-3253 Cisco Firepower Threat Defense Software Shell Access Vulnerability
A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature...
CVE-2020-3253
Cisco Firepower Threat Defense (FTD) Software contains a shell access vulnerability in the support tunnel feature. An authenticated, local attacker can enable the support tunnel, set a key, and derive the tunnel password to execute arbitrary commands with root privileges, even when expert mode is...
Cisco Firepower Threat Defense Software Shell Access Vulnerability
A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature...
Cisco Identity Services Engine Misconfiguration Vulnerability
Cisco Identity Services Engine ISE is an identity-based environment awareness platform ISE Identity Services Engine from Cisco. The platform collects real-time information from the network, users and devices, and develops and enforces policies to regulate the network. A misconfiguration...
CVE-2018-0275
A vulnerability in the support tunnel feature of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking...
CVE-2018-0275
A vulnerability in the support tunnel feature of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking...
Input validation
A vulnerability in the support tunnel feature of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking...
CVE-2018-0275
Cisco Identity Services Engine (ISE) contains a local, authenticated-exploit vulnerability in the support tunnel feature. Improper configuration can let an attacker unlock the support user account and access the tunnel password and device serial number, enabling execution of arbitrary commands wi...
CVE-2018-0275
A vulnerability in the support tunnel feature of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking...
CVE-2018-0275
A vulnerability in the support tunnel feature of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking...
Cisco Identity Services Engine Shell Access Vulnerability
A vulnerability in the support tunnel feature of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking...
PT-2017-4252
Name of the Vulnerable Software and Affected Versions Cisco Umbrella Virtual Appliance versions prior to 2.1.0 Cisco Umbrella affected versions not specified Description The issue is related to errors in resource release in the web interface of the Cisco Umbrella security service. Exploitation of...
Cisco Umbrella Virtual Appliance 2.0.3 Undocumented Support Tunnel Vulnerability
Cisco Umbrella Virtual Appliance versions 2.0.3 and below contain an undocumented, auto-initiated reverse SSH tunnel which allows the Cisco Umbrella support team to have persistent and unrestricted access to the virtual appliance. Cisco Umbrella Virtual Appliance - Undocumented Support Tunnel...