Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco umbrella vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-20738
A vulnerability in the Cisco Umbrella Secure Web Gateway service could allow an unauthenticated, remote malicious user to bypass the file inspection feature. This vulnerability is due to insufficient restrictions in the file inspection feature. An attacker could exploit this vuln...
Cisco Umbrella Secure Web Gateway -
9.1
CVSSv3
CVE-2018-0435
A vulnerability in the Cisco Umbrella API could allow an authenticated, remote malicious user to view and modify data across their organization and other organizations. The vulnerability is due to insufficient authentication configurations for the API interface of Cisco Umbrella....
Cisco Umbrella
1 Article
8.8
CVSSv3
CVE-2019-1807
A vulnerability in the session management functionality of the web UI for the Cisco Umbrella Dashboard could allow an authenticated, remote malicious user to access the Dashboard via an active, user session. The vulnerability exists due to the affected application not invalidatin...
Cisco Umbrella
8.6
CVSSv3
CVE-2021-1474
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote malicious user to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities...
Cisco Umbrella -
8.6
CVSSv3
CVE-2020-3510
A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote malicious user to trigger a reload, resulting in a denial of service condition on an affected device. The vulnerability is d...
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.12.2
Cisco Ios Xe 17.1.1
8.2
CVSSv3
CVE-2017-12350
A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and previous versions could allow an authenticated, local malicious user to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentia...
Cisco Umbrella Insights Virtual Appliance
8.1
CVSSv3
CVE-2022-20773
A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote malicious user to impersonate a VA. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vul...
Cisco Umbrella
1 Github repository
1 Article
7.8
CVSSv3
CVE-2018-0437
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local malicious user to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is d...
Cisco Umbrella Enterprise Roaming Client
Cisco Umbrella Roaming Module 4.3\\(1095\\)
Cisco Umbrella Roaming Module
1 EDB exploit
7.8
CVSSv3
CVE-2018-0438
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local malicious user to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is d...
Cisco Umbrella Enterprise Roaming Client
1 EDB exploit
7.5
CVSSv3
CVE-2018-0170
A vulnerability in the Cisco Umbrella Integration feature of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition, related to the OpenDNS software. The vulnerability is due to a logic error that exists when handl...
Cisco Ios Xe 16.4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »