9 matches found
CISCO-SA-20190717-WSMA
creationtimestamp| type| source ---|---|--- 2024-12-17 06:40:54+00:00| seen| https://social.circl.lu/users/vulnerabilitylookup/statuses/113666792833808768...
Cisco IOS XE Software Privilege Escalation Vulnerability
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the web UI of Cisco IOS XE Software, which could allow an authenticated but unprivileged level 1, remote attacker to run privileged Cisco IOS commands by using the web UI.The vulnerability is due to a...
CVE-2019-1940
A vulnerability in the Web Services Management Agent WSMA feature of Cisco Industrial Network Director IND could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate. The vulnerability is due to insufficient X.509...
Code injection
A vulnerability in the Web Services Management Agent WSMA feature of Cisco Industrial Network Director IND could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate. The vulnerability is due to insufficient X.509...
CVE-2019-1940
Affects Cisco Industrial Network Director (IND) Web Services Management Agent (WSMA). The issue arises from insufficient validation of X.509 certificates during WSMA connection setup, allowing an unauthenticated, remote attacker to read sensitive data via a crafted certificate, enabling man-in-th...
CVE-2019-1940 Cisco Industrial Network Director Web Services Management Agent Unauthorized Information Disclosure Vulnerability
A vulnerability in the Web Services Management Agent WSMA feature of Cisco Industrial Network Director IND could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate. The vulnerability is due to insufficient X.509...
Cisco Industrial Network Director Web Services Management Agent Unauthorized Information Disclosure Vulnerability
A vulnerability in the Web Services Management Agent WSMA feature of Cisco Industrial Network Director IND could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate. The vulnerability is due to insufficient X.509...
CVE-2019-1755 Cisco IOS XE Software Command Injection Vulnerability
A vulnerability in the Web Services Management Agent WSMA function of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary Cisco IOS commands as a privilege level 15 user. The vulnerability occurs because the affected software improperly sanitizes user-supplied...
CVE-2019-1753 Cisco IOS XE Software Privilege Escalation Vulnerability
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated but unprivileged level 1, remote attacker to run privileged Cisco IOS commands by using the web UI. The vulnerability is due to a failure to validate and sanitize input in Web Services Management Agent WSMA...