Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco policy suite vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2016-1357
The password-management administration component in Cisco Policy Suite (CPS) 7.0.1.3, 7.0.2, 7.0.2-att, 7.0.3-att, 7.0.4-att, and 7.5.0 allows remote malicious users to bypass intended RBAC restrictions and read unspecified data via unknown vectors, aka Bug ID CSCut85211.
Cisco Cisco Policy Suite 7.0.5
Cisco Cisco Policy Suite 7.0.3-att
Cisco Cisco Policy Suite 7.0.4-att
Cisco Cisco Policy Suite 7.0.2-att
Cisco Cisco Policy Suite 7.0.2
Cisco Cisco Policy Suite 7.0.1.3
5.3
CVSSv3
CVE-2017-6781
A vulnerability in the management of shell user accounts for Cisco Policy Suite (CPS) Software for CPS appliances could allow an authenticated, local malicious user to gain elevated privileges on an affected system. The affected privilege level is not at the root level. The vulne...
Cisco Policy Suite 12.0.0
Cisco Policy Suite 11.0.0
Cisco Policy Suite 9.1.0
Cisco Policy Suite 10.0.0
Cisco Policy Suite 9.0.0
7.5
CVSSv3
CVE-2018-0089
A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS) could allow an unauthenticated, remote malicious user to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The attacker woul...
Cisco Policy Suite 11.0.0
Cisco Policy Suite 10.0.0
Cisco Policy Suite 11.1.0
9.8
CVSSv3
CVE-2018-0181
A vulnerability in the Redis implementation used by the Cisco Policy Suite for Mobile and Cisco Policy Suite Diameter Routing Agent software could allow an unauthenticated, remote malicious user to modify key-value pairs for short-lived events stored by the Redis server. The vuln...
Cisco Cisco Policy Suite For Mobile 13.0.0
Cisco Cisco Policy Suite Diameter Routing Agent -
9.8
CVSSv3
CVE-2021-40119
A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote malicious user to log in to an affected system as the root user. This vulnerability is due to the re-use of static SSH keys across installations. An attacker...
Cisco Policy Suite
7.8
CVSSv3
CVE-2017-6623
A vulnerability in a script file that is installed as part of the Cisco Policy Suite (CPS) Software distribution for the CPS appliance could allow an authenticated, local malicious user to escalate their privilege level to root. The vulnerability is due to incorrect sudoers permi...
Cisco Policy Suite 10.1.0
Cisco Policy Suite 11.0.0
Cisco Policy Suite 10.0.0
3.7
CVSSv3
CVE-2018-15466
A vulnerability in the Graphite web interface of the Policy and Charging Rules Function (PCRF) of Cisco Policy Suite (CPS) could allow an unauthenticated, remote malicious user to access the Graphite web interface. The attacker would need to have access to the internal VLAN where...
Cisco Policy Suite For Mobile 12.0.0
9.8
CVSSv3
CVE-2018-0377
A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite prior to 18.1.0 could allow an unauthenticated, remote malicious user to directly connect to the OSGi interface. The vulnerability is due to a lack of authentication. An attacker could e...
Cisco Mobility Services Engine 14.0.0
Cisco Policy Suite
9.8
CVSSv3
CVE-2018-0376
A vulnerability in the Policy Builder interface of Cisco Policy Suite prior to 18.2.0 could allow an unauthenticated, remote malicious user to access the Policy Builder interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability b...
Cisco Policy Suite
Cisco Mobility Services Engine 18.0.0
9.8
CVSSv3
CVE-2018-0375
A vulnerability in the Cluster Manager of Cisco Policy Suite prior to 18.2.0 could allow an unauthenticated, remote malicious user to log in to an affected system using the root account, which has default, static user credentials. The vulnerability is due to the presence of undoc...
Cisco Policy Suite
Cisco Mobility Services Engine 14.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »