Lucene search
K
CiscoMobility Services Engine

13 matches found

CVE
CVE
added 2021/12/10 12:0 a.m.6778 views

CVE-2021-44228

CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...

10CVSS10AI score0.99999EPSS
In wild
CVE
CVE
added 2018/02/08 7:0 a.m.67 views

CVE-2018-0134

The CVE-2018-0134 issue affects Cisco Policy Suite’s RADIUS authentication module, where an unauthenticated, remote attacker can deduce whether a subscriber username is valid by observing distinct authentication failure messages. This information disclosure vulnerability originates from the RADIU...

5.3CVSS5.3AI score0.01446EPSS
CVE
CVE
added 2018/07/18 11:0 p.m.67 views

CVE-2018-0376

CVE-2018-0376 affects Cisco Policy Suite prior to 18.2.0, in which the Policy Builder interface lacked authentication, allowing unauthenticated remote access to modify or create repositories. The vulnerability is documented with high/severe impact (CVSS v3.0: 9.8, CRITICAL) and was acknowledged b...

9.8CVSS9.2AI score0.02725EPSS
CVE
CVE
added 2018/02/08 7:0 a.m.62 views

CVE-2018-0116

CVE-2018-0116 describes an authentication bypass in Cisco Policy Suite’s RADIUS module. An unauthenticated, remote attacker could be authorized as a subscriber without a valid password, provided a valid username is used, due to incorrect RADIUS user credential validation. Affected are Cisco Polic...

7.2CVSS7AI score0.0108EPSS
CVE
CVE
added 2018/07/18 11:0 p.m.57 views

CVE-2018-0377

Cisco Policy Suite CVE-2018-0377 concerns an unauthenticated access vulnerability in the OSGi interface prior to release 18.1.0. Root cause: lack of authentication on the OSGi interface, enabling remote connections that could read or modify files accessible to the OSGi process. Impact per sources...

9.8CVSS9.2AI score0.02725EPSS
CVE
CVE
added 2018/07/18 11:0 p.m.53 views

CVE-2018-0375

CVE-2018-0375 affects Cisco Policy Suite Cluster Manager prior to 18.2.0. Root cause: undocumented, static credentials allow an unauthenticated, remote attacker to log in as root and execute arbitrary commands. Impact: full root access over the affected system via network; high confidentiality, i...

10CVSS9.7AI score0.0379EPSS
CVE
CVE
added 2015/11/06 11:0 a.m.49 views

CVE-2015-6316

Cisco Mobility Services Engine (MSE) is affected by CVE-2015-6316 due to a default sshd_config setting that allows login via the oracle account with a hard-coded password. The issue affects MSE versions up to and including 8.0.120.7, enabling remote attackers to obtain access by authenticating as...

6.5CVSS6.8AI score0.02404EPSS
CVE
CVE
added 2015/07/10 7:0 p.m.47 views

CVE-2015-4263

Cisco Mobility Services Engine (MSE) 10.0(0.1) contains a vulnerability in the Control and Provisioning feature that allows remote authenticated users to read log files and obtain sensitive information. The root cause is sensitive data being included in certain log files. An attacker must authent...

4CVSS5.9AI score0.01499EPSS
CVE
CVE
added 2018/07/18 11:0 p.m.45 views

CVE-2018-0374

Cisco Policy Suite prior to version 18.2.0 vulnerable to an unauthenticated remote attack via the Policy Builder database. The root cause is lack of authentication, enabling an attacker to connect directly to the Policy Builder database and access or modify data. Affected component: Policy Builde...

9.8CVSS9.3AI score0.02725EPSS
CVE
CVE
added 2015/03/26 10:0 a.m.42 views

CVE-2015-0673

Cisco Mobility Services Engine (MSE) 8.0(110.0) is affected by CVE-2015-0673, a authenticated remote information disclosure vulnerability. The issue allows an attacker with valid credentials to reveal other users’ passwords by reading log files or via an unspecified GUI feature (Bug ID CSCut24792...

4CVSS6.7AI score0.01339EPSS
CVE
CVE
added 2015/11/06 11:0 a.m.42 views

CVE-2015-4282

Cisco Mobility Services Engine (MSE)

6.9CVSS6.4AI score0.0039EPSS
CVE
CVE
added 2017/04/07 5:0 p.m.39 views

CVE-2016-9197

CVE-2016-9197 affects Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers. The root cause is a vulnerability in the CLI command parser due to incorrect permissions assigned to configured users, enabling an authenticated, local attacker to obtain access to the underlying operating...

7.2CVSS6.4AI score0.0033EPSS
CVE
CVE
added 2013/09/04 1:0 a.m.34 views

CVE-2013-3469

CVE-2013-3469 concerns Cisco Mobility Services Engine where the Oracle SSL service is misconfigured, allowing an unauthenticated user to establish a session on the database-replication port via SSL and potentially access sensitive information. Cisco notes an anonymous login vulnerability and indi...

5CVSS6.6AI score0.01794EPSS