Vulmon
management console vulnerabilities and exploits
4.3
CVSSv2
CVE-2012-1575
Multiple cross-site scripting (XSS) vulnerabilities in Cumin before r5238 allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) widgets or (2) pages.
Trevor Mckay Cumin
4.3
CVSSv2
CVE-2022-29548
A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator...
Wso2 Api Manager 2.6.0
Wso2 Identity Server 5.7.0
Wso2 Identity Server As Key Manager 5.7.0
Wso2 Enterprise Integrator 6.5.0
Wso2 Api Microgateway 2.2.0
Wso2 Api Manager 3.0.0
Wso2 Enterprise Integrator 6.2.0
Wso2 Enterprise Integrator 6.3.0
Wso2 Api Manager Analytics 2.2.0
Wso2 Api Manager Analytics 2.5.0
Wso2 Identity Server 5.5.0
Wso2 Identity Server Analytics 5.5.0
Wso2 Data Analytics Server 3.2.0
Wso2 Identity Server As Key Manager 5.5.0
Wso2 Api Manager 2.2.0
Wso2 Api Manager 3.1.0
Wso2 Micro Integrator 1.0.0
Wso2 Identity Server Analytics 5.6.0
Wso2 Identity Server As Key Manager 5.6.0
Wso2 Identity Server As Key Manager 5.9.0
Wso2 Identity Server As Key Manager 5.10.0
Wso2 Api Manager Analytics 2.6.0
1 Github repository
4.3
CVSSv2
CVE-2018-0278
A vulnerability in the management console of Cisco Firepower System Software could allow an unauthenticated, remote malicious user to access sensitive data about the system. The vulnerability is due to improper cross-origin domain protections for the WebSocket protocol. An attack...
Cisco Firepower Management Center 6.2.0
Cisco Firepower Management Center 6.2.1
Cisco Firepower Management Center 6.2.2
Cisco Firepower Management Center 6.2.3
Cisco Firepower Management Center 6.1.0
7.5
CVSSv2
CVE-2021-40842
Proofpoint Insider Threat Management Server contains a SQL injection vulnerability in the Web Console. The vulnerability exists due to improper input validation on the database name parameter required in certain unauthenticated APIs. A malicious URL visited by anyone with network...
Proofpoint Insider Threat Management Server
Proofpoint Insider Threat Management Server 7.12.0
6.9
CVSSv2
CVE-2021-40843
Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user trigg...
Proofpoint Insider Threat Management Server
NA
CVE-2022-3841
RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery (SSRF) vulnerability was found in the console API endpoint from Red Hat Advanced Cluster Management for Kubernetes (RHACM). An attacker could take advantage of this as the console API endpoint is m...
Redhat Advanced Cluster Management For Kubernetes 2.0
7.5
CVSSv2
CVE-2006-2715
The Administration Console in Secure Elements Class 5 AVR (aka C5 EVM) prior to 2.8.1 does not enforce access control, which allows remote malicious users to gain access to servers via the console.
Secure Elements C5 Enterprise Vulnerability Management
5
CVSSv2
CVE-2020-11868
ntpd in ntp prior to 4.2.8p14 and 4.3.x prior to 4.3.100 allows an off-path malicious user to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
Ntp Ntp 4.2.8
Ntp Ntp
Redhat Enterprise Linux 7.0
Netapp Clustered Data Ontap -
Netapp Virtual Storage Console
Netapp Data Ontap -
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node Firmware -
Netapp Fabric-attached Storage 8300 Firmware -
Netapp Fabric-attached Storage 8700 Firmware -
Netapp Fabric-attached Storage A400 Firmware -
Netapp All Flash Fabric-attached Storage 8300 Firmware -
Netapp All Flash Fabric-attached Storage 8700 Firmware -
Netapp All Flash Fabric-attached Storage A400 Firmware -
Debian Debian Linux 8.0
Opensuse Leap 15.1
Opensuse Leap 15.2
5.8
CVSSv2
CVE-2015-8151
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access.
Symantec Encryption Management Server
6
CVSSv2
CVE-2006-3643
Cross-site scripting (XSS) vulnerability in Internet Explorer 5.01 and 6 in Microsoft Windows 2000 SP4 permits access to local "HTML-embedded resource files" in the Microsoft Management Console (MMC) library, which allows remote authenticated users to execute arbitrary ...
Microsoft Ie 6
Microsoft Internet Explorer 5.01