Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-20360
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote malicious user to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interfa...
Cisco Firepower Management Center
NA
CVE-2024-20261
A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to bypass a configured file policy to block an encrypted archive file. This vulnerabil...
NA
CVE-2024-20293
A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to bypass the protection that is offered by a configured A...
NA
CVE-2024-20355
A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote malicious user to successfully establis...
NA
CVE-2024-20361
A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote malicious user to bypass configured access controls on managed devices that are running Cisco Firepower Threat D...
NA
CVE-2024-20363
Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote malicious user to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet h...
NA
CVE_2024_20356
CVE-2024-20356 This is a proof of concept for CVE-2024-20356, a Command Injection vulnerability in Cisco's CIMC. Written by Aaron and Oxidised by Sherllyneo Full technical details can be found at https://labs.nettitude.com/blog/cve-2024-20356-jailbreaking-a-cisco-appliance-t...
1 Github repository
NA
CVE-2024-20326
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local malicious user to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper author...
NA
CVE-2024-20389
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local malicious user to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper author...
NA
CVE-2024-20256
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote malicious user to conduct an XSS attack against a user of the interface. This vulnerability is due ...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »