Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco network services orchestrator vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-0463
A vulnerability in the Cisco Network Plug and Play server component of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote malicious user to gain unauthorized access to configuration data that is stored on an affected NSO system. The vulnerability exi...
Cisco Network Services Orchestrator 1.2.0
5.5
CVSSv3
CVE-2023-20040
A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote malicious user to cause a denial of service (DoS) on an affected system that is running as the root user. To exploit this vulnerability, the attacker must be a...
Cisco Network Services Orchestrator
Cisco Network Services Orchestrator 5.8
4.7
CVSSv3
CVE-2020-3362
A vulnerability in the CLI of Cisco Network Services Orchestrator (NSO) could allow an authenticated, local malicious user to access confidential information on an affected device. The vulnerability is due to a timing issue in the processing of CLI commands. An attacker could exp...
Cisco Network Services Orchestrator
8.8
CVSSv3
CVE-2018-0274
A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote malicious user to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insufficient input validation. An attacker coul...
Cisco Network Services Orchestrator
8.8
CVSSv3
CVE-2018-0343
A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote malicious user to execute arbitrary code with vmanage user privileges or cause a denial of service (DoS) condition on an affected system. The vulnerabilit...
Cisco Vedge-plus -
Cisco Vmanage Network Management -
Cisco Vsmart Controller -
Cisco Vbond Orchestrator -
Cisco Vedge-pro -
Cisco Vedge-100 Firmware
Cisco Vedge 100b Firmware
Cisco Vedge 100m Firmware
Cisco Vedge 100wm Firmware
Cisco Vedge-1000 Firmware
Cisco Vedge-2000 Firmware
Cisco Vedge-5000 Firmware
NA
CVE-2021-1132
A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to access sensitive data. This vulnerability exists because the web-management interface and certain HTTP-based AP...
9.1
CVSSv3
CVE-2017-6711
A vulnerability in the Ultra Automation Service (UAS) of the Cisco Ultra Services Framework could allow an unauthenticated, remote malicious user to gain unauthorized access to a targeted device. The vulnerability is due to an insecure default configuration of the Apache ZooKeepe...
Cisco Ultra Services Framework
NA
CVE-2022-20655
A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker coul...
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1159 Github repositories
28 Articles
7.8
CVSSv3
CVE-2021-1572
A vulnerability in ConfD could allow an authenticated, local malicious user to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on an affected device. ...
Cisco Confd
Cisco Network Services Orchestrator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »