Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco digital network architecture center vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2018-0222
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote malicious user to log in to an affected system by using an administrative account that has default, static user credentials. The vulnerability is due to the presence of undoc...
Cisco Digital Network Architecture Center
10
CVSSv2
CVE-2018-0268
A vulnerability in the container management subsystem of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote malicious user to bypass authentication and gain elevated privileges. This vulnerability is due to an insecure default configuration of ...
Cisco Digital Network Architecture Center
1 Article
9
CVSSv2
CVE-2018-0427
A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote malicious user to perform a command injection attack. The vulnerability is due to incorrect input validation of user-supplied data. An attacker cou...
Cisco Application Policy Infrastructure Controller Enterprise Module Dnac1.1
7.8
CVSSv2
CVE-2019-1675
A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote malicious user to restart the sensor. The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the d...
Cisco Aironet Active Sensor -
Cisco Digital Network Architecture Center
7.5
CVSSv2
CVE-2018-0448
A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote malicious user to bypass authentication and take complete control of identity management functions. The vulnerability is due to insufficien...
Cisco Digital Network Architecture Center
1 Article
7.5
CVSSv2
CVE-2018-15386
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote malicious user to bypass authentication and have direct unauthorized access to critical management functions. The vulnerability is due to an insecure default configuration of...
Cisco Digital Network Architecture Center 1.1
Cisco Digital Network Architecture Center 1.1.1
Cisco Digital Network Architecture Center 1.1.2
Cisco Digital Network Architecture Center 1.1.3
1 Article
7.5
CVSSv2
CVE-2018-0271
A vulnerability in the API gateway of the Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote malicious user to bypass authentication and access critical services. The vulnerability is due to a failure to normalize URLs prior to servicing reques...
Cisco Digital Network Architecture Center
1 Article
5.8
CVSSv2
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and previous versions, OpenSSL prior to 0.9.8l, GnuTLS 2.8.5 and previous versions, Mozilla Network Security Ser...
Openssl Openssl 1.0
Apache Http Server
Openssl Openssl
Gnu Gnutls
Mozilla Nss
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Debian Debian Linux 4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 9.04
Debian Debian Linux 6.0
Fedoraproject Fedora 12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Fedoraproject Fedora 14
F5 Nginx
2 EDB exploits
10 Github repositories
5
CVSSv2
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0a
Oracle Agile Engineering Data Management 6.2.0
Oracle Jd Edwards World Security A9.2
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Application Session Controller 3.7.1
Oracle Jd Edwards World Security A9.4
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Agile Engineering Data Management 6.1.3
Oracle Jd Edwards World Security A9.1
Oracle Jd Edwards World Security A9.3
Oracle Communications Eagle Lnp Application Processor 10.0
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Communications Application Session Controller 3.8.0
1 EDB exploit
1 Github repository
1 Article
5
CVSSv2
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0d
Openssl Openssl 1.1.0a
Openssl Openssl 1.1.0b
Hp Operations Agent 11.15
Hp Operations Agent 11.14
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »