6 matches found
CVE-2022-20939
CVE-2022-20939 refers to a privilege-escalation vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) via the web-based management interface. The root cause is inadequate protection of sensitive user information, enabling an authenticated, remote attacker to access certain logs and ...
CVE-2021-1138
CVE-2021-1138 affects Cisco Smart Software Manager Satellite web UI. A command-injection vulnerability stems from insufficient input validation in the Satellite web interface, enabling an unauthenticated, remote attacker to execute arbitrary commands on the underlying OS. Impact is remote code ex...
CVE-2021-1142
CVE-2021-1142 affects Cisco Smart Software Manager Satellite Web UI. Affected: Satellite 5.1.0 and earlier. Root cause: insufficient input validation in the web UI enabling command injection. Impact: unauthenticated, remote attacker could execute arbitrary OS commands. Remediation: Cisco advisory...
CVE-2021-1140
CVE-2021-1140 is linked to Cisco Smart Software Manager Satellite Web UI command-injection vulnerabilities. Connected sources confirm unauthenticated remote command execution via the Satellite web interface, due to insufficient input validation, affecting Satellite releases 5.1.0 and earlier. Rem...
CVE-2021-1141
Cisco Smart Software Manager Satellite Web UI has a command-injection vulnerability that allows an unauthenticated, remote attacker to execute arbitrary OS commands. Multiple sources (CVE-2021-1141, CNVD-2021-09934, CNVD-derived entries, and the Cisco advisory) confirm web UI input-validation wea...
CVE-2021-1139
Cisco CVE-2021-1139 affects the Web UI of Cisco Smart Software Manager Satellite. The vulnerabilities stem from insufficient input validation in the Satellite web interface, allowing an unauthenticated, remote attacker to execute arbitrary commands on the underlying OS. Public sources in the conn...