Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco confd vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2022-20762
A vulnerability in the Common Execution Environment (CEE) ConfD CLI of Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure (SMI) software could allow an authenticated, local malicious user to escalate privileges on an affected device. This vulnerability is due to ins...
Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure
6.9
CVSSv2
CVE-2021-1572
A vulnerability in ConfD could allow an authenticated, local malicious user to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on an affected device. ...
Cisco Confd
Cisco Network Services Orchestrator
6.5
CVSSv2
CVE-2017-6682
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote malicious user to run arbitrary commands as the Linux tomcat user on an affected system. More Information: CSCvc76620. Known Affected Releases: 2.2(9.76).
Cisco Elastic Services Controller 2.2\\(9.76\\)
6.5
CVSSv2
CVE-2017-6689
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote malicious user to log in to an affected system as the admin user, aka an Insecure Default Administrator Credentials Vulnerability. More Information: CSCvc76661. Known Affec...
Cisco Elastic Services Controller 2.2\\(9.76\\)
4
CVSSv2
CVE-2017-6777
A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote malicious user to acquire sensitive system information. The vulnerability is due to insufficient protection of sensitive files on the system. An attacker could ...
Cisco Elastic Services Controller 2.3\\(2\\)
Cisco Elastic Services Controller 2.3
4
CVSSv2
CVE-2017-6691
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote malicious user to access sensitive information on an affected system. More Information: CSCvd29403. Known Affected Releases: 2.3(2).
Cisco Elastic Services Controller 2.3\\(2\\)
2.1
CVSSv2
CVE-2018-0106
A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local malicious user to access sensitive information on a targeted system. The vulnerability is due to insufficient security restrictions. An attacker could exploit ...
Cisco Elastic Services Controller
2.1
CVSSv2
CVE-2017-6693
A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local malicious user to access information stored in the file system of an affected system, aka Unauthorized Directory Access. More Information: CSCvd76286. Known Aff...
Cisco Elastic Services Controller 2.2\\(9.76\\)
Cisco Elastic Services Controller 2.3\\(1\\)
2.1
CVSSv2
CVE-2017-6695
A vulnerability in the ConfD server in Cisco Ultra Services Platform could allow an authenticated, local malicious user to view sensitive information. More Information: CSCvd29398. Known Affected Releases: 21.0.v0.65839.
Cisco Ultra Services Platform 21.0.v0.65839
NA
CVE-2024-20326
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local malicious user to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper author...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »