Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
umbrella vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-40126
A vulnerability in the web-based dashboard of Cisco Umbrella could allow an authenticated, remote malicious user to perform an email enumeration attack against the Umbrella infrastructure. This vulnerability is due to an overly descriptive error message on the dashboard that appe...
Cisco Umbrella -
3.5
CVSSv2
CVE-2021-1475
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote malicious user to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities...
Cisco Umbrella -
6.8
CVSSv2
CVE-2021-1474
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote malicious user to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities...
Cisco Umbrella -
NA
CVE-2022-20969
A vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the Cisco Umbrella dashboard. This vulnerability is due to unsanitized user input. An atta...
Cisco Umbrella 003.003\\(000\\)
7.2
CVSSv2
CVE-2018-0437
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local malicious user to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is d...
Cisco Umbrella Enterprise Roaming Client
Cisco Umbrella Roaming Module 4.3\\(1095\\)
Cisco Umbrella Roaming Module
1 EDB exploit
6.5
CVSSv2
CVE-2018-0435
A vulnerability in the Cisco Umbrella API could allow an authenticated, remote malicious user to view and modify data across their organization and other organizations. The vulnerability is due to insufficient authentication configurations for the API interface of Cisco Umbrella....
Cisco Umbrella
1 Article
2.7
CVSSv2
CVE-2022-20805
A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG) could allow an authenticated, adjacent malicious user to bypass the SSL decryption and content filtering policies on an affected system. This vulnerability is due to how the decryption ...
Cisco Umbrella Secure Web Gateway
7.1
CVSSv2
CVE-2020-3510
A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote malicious user to trigger a reload, resulting in a denial of service condition on an affected device. The vulnerability is d...
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.12.2
Cisco Ios Xe 17.1.1
6.8
CVSSv2
CVE-2019-1807
A vulnerability in the session management functionality of the web UI for the Cisco Umbrella Dashboard could allow an authenticated, remote malicious user to access the Dashboard via an active, user session. The vulnerability exists due to the affected application not invalidatin...
Cisco Umbrella
4.3
CVSSv2
CVE-2020-3246
A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote malicious user to perform a carriage return line feed (CRLF) injection attack against a user of an affected service. The vulnerability is due to insufficient validation of user input. An at...
Cisco Umbrella
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »