4 matches found
CVE-2021-44228
CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...
CVE-2023-20237
CVE-2023-20237 affects Cisco Intersight Virtual Appliance. The issue arises from insufficient restrictions on internally accessible HTTP proxies, allowing an unauthenticated, adjacent attacker to submit a crafted CLI command and access internal HTTP services that are otherwise inaccessible, poten...
CVE-2021-1617
Cisco Intersight Virtual Appliance (CVE-2021-1617) suffers from path traversal and command-injection vulnerabilities due to insufficient input validation in the web-based management interface. An authenticated remote attacker could use crafted input to read/write arbitrary files or execute comman...
CVE-2021-1618
CVE-2021-1618 affects Cisco Intersight Virtual Appliance. Vulnerabilities in the web-based management interface allow authenticated, remote attackers to perform path traversal or command injection due to insufficient input validation. Impact per sources: reads/writes of arbitrary files and possib...