Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cisco secure network analytics vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2023-20102
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote malicious user to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data t...
Cisco Secure Network AnalyticsCisco Stealthwatch Management Console 2200 Firmware -
3.5
CVSSv2
CVE-2022-20741
A vulnerability in the web-based management interface of the Network Diagrams application for Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the...
Cisco Secure Network Analytics
NA
CVE-2023-20103
A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote malicious user to execute arbitrary code as a root user on an affected device. This vulnerability is due to insufficient validation of user input to the web interface. An attacker could exploit...
Cisco Secure Network Analytics
9
CVSSv2
CVE-2022-20797
A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote malicious user to execute arbitrary commands as an administrator on the underlying operating system. This vulnerab...
Cisco Secure Network Analytics
NA
CVE-2022-20663
A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to i...
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0Apache Log4jSiemens Sppa-t3000 Ses3000 FirmwareSiemens Logo\\! Soft ComfortSiemens Spectrum Power 4 4.70Siemens Spectrum Power 4Siemens Siveillance Control ProSiemens Energyip Prepay 3.7Siemens Energyip Prepay 3.8Siemens Siveillance Identity 1.6Siemens Siveillance Identity 1.5Siemens Siveillance CommandSiemens Sipass Integrated 2.85Siemens Sipass Integrated 2.80Siemens Head-end System Universal Device Integration SystemSiemens Gma-managerSiemens Energyip 8.5Siemens Energyip 8.6Siemens Energyip 8.7Siemens Energyip 9.0Siemens Energy Engage 3.1Siemens E-car Operation Center
7.5
CVSSv2
CVE-2015-6420
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Se...
Apache Commons CollectionsApache Commons Collections 4.0
6.8
CVSSv2
CVE-2021-40438
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and previous versions.
Apache Http ServerFedoraproject Fedora 34Fedoraproject Fedora 35Debian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Netapp Cloud Backup -Netapp Storagegrid -Netapp Clustered Data Ontap -F5 F5osOracle Http Server 12.2.1.3.0Oracle Instantis Enterprisetrack 17.1Oracle Instantis Enterprisetrack 17.2Oracle Instantis Enterprisetrack 17.3Oracle Http Server 12.2.1.4.0Oracle Enterprise Manager Ops Center 12.4.0.0Oracle Zfs Storage Appliance Kit 8.8Oracle Secure Global Desktop 5.6Siemens Sinema Server 14.0Siemens Sinec Nms
5
CVSSv2
CVE-2014-3569
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected ...
Openssl Openssl 1.0.1j
5
CVSSv2
CVE-2015-3193
The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 prior to 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote malicious users to obt...
Openssl Openssl 1.0.2aOpenssl Openssl 1.0.2bOpenssl Openssl 1.0.2cOpenssl Openssl 1.0.2Openssl Openssl 1.0.2dNodejs Node.jsCanonical Ubuntu Linux 15.10Canonical Ubuntu Linux 15.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 12.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886insecure direct object referenceCVE-2024-34342file inclusionCVE-2024-34562CVE-2024-34347CVE-2024-26026CVE-2024-4647unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook