Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco umbrella - vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-0437
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local malicious user to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is d...
Cisco Umbrella Enterprise Roaming Client
Cisco Umbrella Roaming Module
Cisco Umbrella Roaming Module 4.3(1095)
1 EDB exploit
5.4
CVSSv3
CVE-2022-20969
A vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the Cisco Umbrella dashboard. This vulnerability is due to unsanitized user input. An atta...
Cisco Umbrella 003.003(000)
4.1
CVSSv3
CVE-2021-1475
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote malicious user to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities...
Cisco Umbrella -
4.3
CVSSv3
CVE-2021-40126
A vulnerability in the web-based dashboard of Cisco Umbrella could allow an authenticated, remote malicious user to perform an email enumeration attack against the Umbrella infrastructure. This vulnerability is due to an overly descriptive error message on the dashboard that appe...
Cisco Umbrella -
8.6
CVSSv3
CVE-2021-1474
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote malicious user to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities...
Cisco Umbrella -
9.1
CVSSv3
CVE-2018-0435
A vulnerability in the Cisco Umbrella API could allow an authenticated, remote malicious user to view and modify data across their organization and other organizations. The vulnerability is due to insufficient authentication configurations for the API interface of Cisco Umbrella....
Cisco Umbrella
1 Article
8.8
CVSSv3
CVE-2019-1807
A vulnerability in the session management functionality of the web UI for the Cisco Umbrella Dashboard could allow an authenticated, remote malicious user to access the Dashboard via an active, user session. The vulnerability exists due to the affected application not invalidatin...
Cisco Umbrella
4.1
CVSSv3
CVE-2022-20805
A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG) could allow an authenticated, adjacent malicious user to bypass the SSL decryption and content filtering policies on an affected system. This vulnerability is due to how the decryption ...
Cisco Umbrella Secure Web Gateway
4.3
CVSSv3
CVE-2020-3246
A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote malicious user to perform a carriage return line feed (CRLF) injection attack against a user of an affected service. The vulnerability is due to insufficient validation of user input. An at...
Cisco Umbrella
1 Article
6.1
CVSSv3
CVE-2020-3337
A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote malicious user to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affected device...
Cisco Umbrella
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »