Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
umbrella vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-3246
A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote malicious user to perform a carriage return line feed (CRLF) injection attack against a user of an affected service. The vulnerability is due to insufficient validation of user input. An at...
Cisco Umbrella
1 Article
5.8
CVSSv2
CVE-2020-3337
A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote malicious user to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affected device...
Cisco Umbrella
7.5
CVSSv2
CVE-2022-20738
A vulnerability in the Cisco Umbrella Secure Web Gateway service could allow an unauthenticated, remote malicious user to bypass the file inspection feature. This vulnerability is due to insufficient restrictions in the file inspection feature. An attacker could exploit this vuln...
Cisco Umbrella Secure Web Gateway -
NA
CVE-2015-10080
A vulnerability was found in NREL api-umbrella-web 0.7.1. It has been classified as problematic. This affects an unknown part of the component Admin Data Table Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to ve...
Nrel Api Umbrella 0.7.1
NA
CVE-2015-10072
A vulnerability classified as problematic was found in NREL api-umbrella-web 0.7.1. This vulnerability affects unknown code of the component Flash Message Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 0.8.0 is ...
Nrel Api Umbrella Web 0.7.1
4.3
CVSSv2
CVE-2019-1792
A vulnerability in the URL block page of Cisco Umbrella could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user in a network protected by Umbrella. The vulnerability is due to insufficient validation of input parameters ...
Cisco Umbrella
7.2
CVSSv2
CVE-2018-0438
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local malicious user to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is d...
Cisco Umbrella Enterprise Roaming Client
1 EDB exploit
2.1
CVSSv2
CVE-2019-16000
A vulnerability in the automatic update process of Cisco Umbrella Roaming Client for Windows could allow an authenticated, local malicious user to install arbitrary, unapproved applications on a targeted device. The vulnerability is due to insufficient verification of the Windows...
Cisco Umbrella Roaming Client 2.2.238
7.2
CVSSv2
CVE-2017-12350
A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and previous versions could allow an authenticated, local malicious user to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentia...
Cisco Umbrella Insights Virtual Appliance
6
CVSSv2
CVE-2017-6679
The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel (SSH) which auto initiated from the customer's appliance to Cisco's SSH Hubs in the Umbrella datacenters. These tunnels were primarily leveraged for re...
Cisco Umbrella
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »