Lucene search
K
CiscoIntersight Virtual Appliance

7 matches found

CVE
CVE
added 2021/12/10 12:0 a.m.6791 views

CVE-2021-44228

CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...

10CVSS10AI score0.99999EPSS
In wildWeb
CVE
CVE
added 2021/10/06 7:46 p.m.77 views

CVE-2021-34748

Cisco Intersight Virtual Appliance is affected by a command-injection vulnerability in its web-based management interface caused by insufficient input validation. An authenticated, remote attacker could send crafted input to the interface and execute arbitrary commands with root-level privileges....

9CVSS9.2AI score0.0275EPSS
CVE
CVE
added 2023/08/16 9:0 p.m.66 views

CVE-2023-20237

CVE-2023-20237 affects Cisco Intersight Virtual Appliance. The issue arises from insufficient restrictions on internally accessible HTTP proxies, allowing an unauthenticated, adjacent attacker to submit a crafted CLI command and access internal HTTP services that are otherwise inaccessible, poten...

4.3CVSS4.6AI score0.00239EPSS
CVE
CVE
added 2021/07/22 3:20 p.m.47 views

CVE-2021-1617

Cisco Intersight Virtual Appliance (CVE-2021-1617) suffers from path traversal and command-injection vulnerabilities due to insufficient input validation in the web-based management interface. An authenticated remote attacker could use crafted input to read/write arbitrary files or execute comman...

6.5CVSS7.1AI score0.01525EPSS
CVE
CVE
added 2021/07/22 3:20 p.m.47 views

CVE-2021-1618

CVE-2021-1618 affects Cisco Intersight Virtual Appliance. Vulnerabilities in the web-based management interface allow authenticated, remote attackers to perform path traversal or command injection due to insufficient input validation. Impact per sources: reads/writes of arbitrary files and possib...

9CVSS7.3AI score0.02704EPSS
CVE
CVE
added 2021/07/22 3:20 p.m.40 views

CVE-2021-1601

Cisco Intersight Virtual Appliance contains IPv4/IPv6 forwarding vulnerabilities on the external management interface caused by insufficient restrictions on received packets. An unauthenticated, adjacent attacker could reach sensitive internal services and, per the advisory, potentially alter dev...

8.3CVSS8.4AI score0.00402EPSS
CVE
CVE
added 2021/07/22 3:20 p.m.39 views

CVE-2021-1600

CVE-2021-1600 refers to multiple vulnerabilities in Cisco Intersight Virtual Appliance where an unauthenticated, adjacent attacker could access sensitive internal services from an external interface due to insufficient restrictions on IPv4/IPv6 packets received on the external management interfac...

8.3CVSS8.4AI score0.00402EPSS