Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
umbrella vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-3337
A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote malicious user to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affected device...
Cisco Umbrella
5.3
CVSSv3
CVE-2021-1350
A vulnerability in the web UI of Cisco Umbrella could allow an unauthenticated, remote malicious user to negatively affect the performance of this service. The vulnerability exists due to insufficient rate limiting controls in the web UI. An attacker could exploit this vulnerabil...
Cisco Umbrella -
9.8
CVSSv3
CVE-2022-20738
A vulnerability in the Cisco Umbrella Secure Web Gateway service could allow an unauthenticated, remote malicious user to bypass the file inspection feature. This vulnerability is due to insufficient restrictions in the file inspection feature. An attacker could exploit this vuln...
Cisco Umbrella Secure Web Gateway -
6.1
CVSSv3
CVE-2015-10080
A vulnerability was found in NREL api-umbrella-web 0.7.1. It has been classified as problematic. This affects an unknown part of the component Admin Data Table Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to ve...
Nrel Api Umbrella 0.7.1
6.1
CVSSv3
CVE-2015-10072
A vulnerability classified as problematic was found in NREL api-umbrella-web 0.7.1. This vulnerability affects unknown code of the component Flash Message Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 0.8.0 is ...
Nrel Api Umbrella Web 0.7.1
6.1
CVSSv3
CVE-2019-1792
A vulnerability in the URL block page of Cisco Umbrella could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user in a network protected by Umbrella. The vulnerability is due to insufficient validation of input parameters ...
Cisco Umbrella
7.8
CVSSv3
CVE-2018-0438
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local malicious user to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is d...
Cisco Umbrella Enterprise Roaming Client
1 EDB exploit
4.4
CVSSv3
CVE-2019-16000
A vulnerability in the automatic update process of Cisco Umbrella Roaming Client for Windows could allow an authenticated, local malicious user to install arbitrary, unapproved applications on a targeted device. The vulnerability is due to insufficient verification of the Windows...
Cisco Umbrella Roaming Client 2.2.238
8.2
CVSSv3
CVE-2017-12350
A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and previous versions could allow an authenticated, local malicious user to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentia...
Cisco Umbrella Insights Virtual Appliance
6.4
CVSSv3
CVE-2017-6679
The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel (SSH) which auto initiated from the customer's appliance to Cisco's SSH Hubs in the Umbrella datacenters. These tunnels were primarily leveraged for re...
Cisco Umbrella
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »