Smart Software Manager On-prem@* Security Vulnerabilities and Issues — Smart Software Manager On-prem@* CVE List

Lucene search

CiscoSmart Software Manager On-prem*

9 matches found

CVE•added 2020/01/26 5:15 a.m.•99 views

CVE-2019-16029

A vulnerability in the application programming interface (API) of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service (DoS) condition of the web interface. T...

9.1CVSS8.4AI score0.00491EPSS

CVE•added 2022/07/06 9:15 p.m.•78 views

CVE-2022-20808

A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect handling of multiple simultaneous device registrations on Cisco SSM On-Prem....

7.7CVSS6.6AI score0.00696EPSS

CVE•added 2023/05/18 3:15 a.m.•75 views

CVE-2023-20110

A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validat...

6.5CVSS6.7AI score0.00186EPSS

CVE•added 2021/01/20 9:15 p.m.•66 views

CVE-2021-1219

A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerabil...

7.8CVSS7.3AI score0.00047EPSS

CVE•added 2020/02/19 8:15 p.m.•65 views

CVE-2020-3158

A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password ...

9.8CVSS9.4AI score0.028EPSS

CVE•added 2021/01/20 9:15 p.m.•57 views

CVE-2021-1222

A vulnerability in the web-based management interface of Cisco Smart Software Manager Satellite could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates values withi...

8.1CVSS7.5AI score0.00223EPSS

CVE•added 2021/01/20 9:15 p.m.•54 views

CVE-2021-1218

A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affe...

5.4CVSS4.8AI score0.00031EPSS

CVE•added 2020/06/18 3:15 a.m.•53 views

CVE-2020-3245

A vulnerability in the web application of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to create arbitrary user accounts. The vulnerability is due to the lack of authorization controls in the web application. An attacker could exploit this vulne...

5.3CVSS5.4AI score0.0021EPSS

CVE•added 2021/10/06 8:15 p.m.•29 views

CVE-2021-34766

A vulnerability in the web UI of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges and create, read, update, or delete records and settings in multiple functions. This vulnerability is due to insufficient authorization of the Syst...

8.8CVSS6.3AI score0.00109EPSS