Lucene search
K
CiscoSecure Network Analytics

8 matches found

CVE
CVE
added 2024/11/15 3:38 p.m.109 views

CVE-2022-20663

CVE-2022-20663 affects Cisco Secure Network Analytics (formerly Stealthwatch Enterprise). The issue is a cross-site scripting (XSS) vulnerability in the web-based management interface caused by insufficient validation of user-supplied input, exploitable when a user clicks a crafted link. An unaut...

6.1CVSS6.1AI score0.00472EPSS
CVE
CVE
added 2023/04/05 12:0 a.m.99 views

CVE-2023-20102

CVE-2023-20102 affects Cisco Secure Network Analytics (SNAN) via the web-based management interface. The issue arises from insufficient sanitization of user-supplied data parsed into system memory, allowing an authenticated, remote attacker to execute arbitrary code on the underlying OS as the ad...

8.8CVSS8.8AI score0.01005EPSS
CVE
CVE
added 2022/05/27 2:6 p.m.87 views

CVE-2022-20797

CVE-2022-20797 is a remote command execution vulnerability in the web-based management interface of Cisco Secure Network Analytics (formerly Cisco Stealthwatch Enterprise). It arises from insufficient input validation in the web UI, allowing an authenticated, remote attacker to inject commands an...

9.1CVSS6.9AI score0.01501EPSS
CVE
CVE
added 2022/04/06 6:13 p.m.74 views

CVE-2022-20741

CVE-2022-20741 concerns the web-based management interface of Cisco Secure Network Analytics (Network Diagrams application). The issue is a cross-site scripting (XSS) vulnerability arising from insufficient validation of user-supplied input in the interface. An authenticated, remote attacker coul...

5.4CVSS5.2AI score0.00557EPSS
CVE
CVE
added 2025/05/21 4:20 p.m.72 views

CVE-2025-20257

Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager are affected by CVE-2025-20257. The issue stems from insufficient authorization enforcement on a specific API, allowing an authenticated, low-privilege user to perform crafted API calls and generate fraudule...

6.5CVSS6.4AI score0.00277EPSS
CVE
CVE
added 2025/05/21 4:19 p.m.69 views

CVE-2025-20256

CVE-2025-20256 affects Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager. The issue is in the web-based management interface, caused by insufficient input validation in specific fields. An authenticated administrator can send crafted input to an affected de...

7.2CVSS6.8AI score0.00498EPSS
CVE
CVE
added 2025/04/16 4:7 p.m.64 views

CVE-2025-20178

CVE-2025-20178 affects Cisco Secure Network Analytics (web-based management interface). An authenticated attacker with valid administrative credentials can restore a malicious backup file to the device, exploiting insufficient integrity checks in device backups to obtain shell access as root on t...

7.2CVSS6.4AI score0.00327EPSS
CVE
CVE
added 2023/04/05 12:0 a.m.45 views

CVE-2023-20103

Cisco Secure Network Analytics (Stealthwatch) remote code execution (CVE-2023-20103) arises from insufficient validation of input on the web interface, enabling an authenticated attacker to upload a crafted file and execute code as root on an affected device. The attack requires valid Administrat...

7.2CVSS6.4AI score0.00897EPSS