Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
network configuration manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-33227
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability This vulnerability allows a low level user to perform the actions with SYSTEM privileges.
Solarwinds Network Configuration Manager
NA
CVE-2023-33228
The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information.
Solarwinds Network Configuration Manager
NA
CVE-2021-35226
An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role.
Solarwinds Network Configuration Manager
NA
CVE-2023-40054
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33226
Solarwinds Network Configuration Manager
NA
CVE-2023-40055
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33227
Solarwinds Network Configuration Manager
9.3
CVSSv2
CVE-2013-0935
EMC Smarts Network Configuration Manager (NCM) prior to 9.2 does not require authentication for all Java RMI method calls, which allows remote malicious users to execute arbitrary code via unspecified vectors.
Emc Smarts Network Configuration Manager
NA
CVE-2023-29505
An issue exists in Zoho ManageEngine Network Configuration Manager 12.6.165. The WebSocket endpoint allows Cross-site WebSocket hijacking.
Zohocorp Manageengine Network Configuration Manager 12.6
5
CVSSv2
CVE-2018-18980
An XML External Entity injection (XXE) vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager prior to 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. For example, the attacker can trigger the transmission of local...
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Network Configuration Manager
NA
CVE-2023-23842
The SolarWinds Network Configuration Manager was susceptible to the Directory Traversal Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands.
Solarwinds Network Configuration Monitor
NA
CVE-2022-35404
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Netflow Analyzer 12.5
Zohocorp Manageengine Netflow Analyzer
Zohocorp Manageengine Firewall Analyzer
Zohocorp Manageengine Firewall Analyzer 12.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »