Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-20356
CVE-2024-20356 This is a proof of concept for CVE-2024-20356, a Command Injection vulnerability in Cisco's CIMC. Full technical details can be found at https://labs.nettitude.com/blog/cve-2024-20356-jailbreaking-a-cisco-appliance-to-run-doom Usage Usage: CVE-2024-20356.py [-...
1 Github repository
NA
CVE-2024-20295
Cisco discloses root escalation flaw with public exploit code
1 Article
NA
CVE-2024-20282
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could expl...
NA
CVE-2024-20283
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote malicious user to learn cluster deployment information on an affected device. This vulnerability is due to improper access controls on a specific API endpoint. An attacker could exploit this vulnerabili...
NA
CVE-2024-20302
A vulnerability in the tenant security implementation of Cisco Nexus Dashboard Orchestrator (NDO) could allow an authenticated, remote malicious user to modify or delete tenant templates on an affected system. This vulnerability is due to improper access controls within tenant se...
NA
CVE-2024-20310
A vulnerability in the web-based interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against an authenticated user of the interface. ...
NA
CVE-2024-20332
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper input validat...
NA
CVE-2024-20334
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input v...
NA
CVE-2024-20347
A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote malicious user to conduct a CSRF attack, which could allow the malicious user to perform arbitrary actions on an affected device. This vulnerability is due to insufficient protections for the web ...
NA
CVE-2024-20348
A vulnerability in the Out-of-Band (OOB) Plug and Play (PnP) feature of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote malicious user to read arbitrary files. This vulnerability is due to an unauthenticated provisioning web server. An attack...
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »