Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco intersight virtual appliance vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-34748
A vulnerability in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote malicious user to perform a command injection attack on an affected device. This vulnerability is due to insufficient input validation. An attacker cou...
Cisco Intersight Virtual Appliance
6.5
CVSSv3
CVE-2021-1617
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote malicious user to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient in...
Cisco Intersight Virtual Appliance
7.2
CVSSv3
CVE-2021-1618
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote malicious user to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient in...
Cisco Intersight Virtual Appliance
4.3
CVSSv3
CVE-2023-20237
A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent malicious user to access internal HTTP services that are otherwise inaccessible. This vulnerability is due to insufficient restrictions on internally accessible http proxies. An attacke...
Cisco Intersight Virtual Appliance
8.3
CVSSv3
CVE-2021-1600
Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent malicious user to access sensitive internal services from an external interface. These vulnerabilities are due to insufficient restrictions for IPv4 or IPv6 packets that are re...
Cisco Intersight Virtual Appliance 1.0(1)
8.3
CVSSv3
CVE-2021-1601
Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent malicious user to access sensitive internal services from an external interface. These vulnerabilities are due to insufficient restrictions for IPv4 or IPv6 packets that are re...
Cisco Intersight Virtual Appliance 1.0(1)
9.1
CVSSv3
CVE-2023-20013
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote malicious user to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these v...
Cisco Intersight Private Virtual Appliance 1.0.9
9.1
CVSSv3
CVE-2023-20017
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote malicious user to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these v...
Cisco Intersight Private Virtual Appliance 1.0.9
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1185 Github repositories
28 Articles
6.6
CVSSv3
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 up to and including 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the tar...
Apache Log4j 2.0
Apache Log4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Primavera Gateway
Oracle Retail Assortment Planning 16.0.3
Oracle Primavera Unifier 21.12
Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Gateway 21.12.0
Oracle Retail Fiscal Management 14.2
Oracle Siebel Ui Framework 21.12
Oracle Communications Diameter Signaling Router
Cisco Cloudcenter 4.10.0.16
Fedoraproject Fedora 34
Fedoraproject Fedora 35
35 Github repositories
4 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »