Lucene search

K
CiscoSmart Software Manager On-prem*

7 matches found

CVE
CVE
added 2024/07/17 5:15 p.m.255 views

CVE-2024-20419

A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to change the password of any user, including administrative users. This vulnerability is due to improper implementation of the password-change process....

10CVSS7.6AI score0.91346EPSS
Web
CVE
CVE
added 2024/11/15 4:15 p.m.111 views

CVE-2022-20939

A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system.This vulnerability is due to inadequate protection of sensitive user information. An attacker could exploit this vu...

4.3CVSS4.5AI score0.00099EPSS
CVE
CVE
added 2020/01/26 5:15 a.m.100 views

CVE-2019-16029

A vulnerability in the application programming interface (API) of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service (DoS) condition of the web interface. T...

9.1CVSS8.4AI score0.00491EPSS
CVE
CVE
added 2023/05/18 3:15 a.m.78 views

CVE-2023-20110

A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validat...

6.5CVSS6.7AI score0.00186EPSS
CVE
CVE
added 2020/02/19 8:15 p.m.66 views

CVE-2020-3158

A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password ...

9.8CVSS9.4AI score0.028EPSS
CVE
CVE
added 2020/06/18 3:15 a.m.54 views

CVE-2020-3245

A vulnerability in the web application of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to create arbitrary user accounts. The vulnerability is due to the lack of authorization controls in the web application. An attacker could exploit this vulne...

5.3CVSS5.4AI score0.0021EPSS
CVE
CVE
added 2021/10/06 8:15 p.m.30 views

CVE-2021-34766

A vulnerability in the web UI of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges and create, read, update, or delete records and settings in multiple functions. This vulnerability is due to insufficient authorization of the Syst...

8.8CVSS6.3AI score0.0012EPSS