Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security access manager for web appliance vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2017-6639
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote malicious user to access sensitive information or execute arbitrary code with root privileges on an affected system. The ...
Cisco Prime Data Center Network Manager 10.1.0
Cisco Prime Data Center Network Manager 10.1\\(2\\)
Cisco Prime Data Center Network Manager 10.1\\(1\\)
7.8
CVSSv2
CVE-2020-3436
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to upload arbitrary-sized files to specific folders on an affected device, which could ...
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance
Cisco Firepower Threat Defense 6.6.0
Cisco Adaptive Security Appliance Software
NA
CVE-2022-41800
In all versions of BIG-IP, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. A successful exploit can allow the malicious user to cross a secur...
F5 Big-ip Access Policy Manager 17.0.0
F5 Big-ip Analytics 17.0.0
F5 Big-ip Application Security Manager 17.0.0
F5 Big-ip Application Acceleration Manager 17.0.0
F5 Big-ip Policy Enforcement Manager 17.0.0
F5 Big-ip Local Traffic Manager 17.0.0
F5 Big-ip Link Controller 17.0.0
F5 Big-ip Global Traffic Manager 17.0.0
F5 Big-ip Fraud Protection Service 17.0.0
F5 Big-ip Domain Name System 17.0.0
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
10
CVSSv2
CVE-2017-6640
A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote malicious user to log in to the administrative console of a DCNM server by using an account that has a default, static password. The account could be granted root- or...
Cisco Prime Data Center Network Manager 10.1.0
Cisco Prime Data Center Network Manager 10.1\\(2\\)
Cisco Prime Data Center Network Manager 10.1\\(1\\)
1 Github repository
5.5
CVSSv2
CVE-2021-1561
A vulnerability in the spam quarantine feature of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), could allow an authenticated, remote malicious user to gain unauthorized access and modify the spam quarantine settings of another user. This ...
Cisco Secure Email And Web Manager
10
CVSSv2
CVE-2021-22986
On BIG-IP versions 16.0.x prior to 16.0.1.1, 15.1.x prior to 15.1.2.1, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.3.6, and 12.1.x prior to 12.1.5.3 amd BIG-IQ 7.1.0.x prior to 7.1.0.3 and 7.0.0.x prior to 7.0.0.2, the iControl REST interface has an unauthenticated remote comman...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-iq Centralized Management
F5 Ssl Orchestrator
1 Metasploit module
23 Github repositories
2 Articles
7.5
CVSSv2
CVE-2021-1493
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote malicious user to cause a buffer overflow on an affected system. The vulnerability is due to in...
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance Software
7.2
CVSSv2
CVE-2015-6030
HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Appliance 6.4.0.6881.3 use the root account to execute files owned by the arcsight user, which might allow local users to gain privileges by leveraging arcsight account access.
Hp Arcsight Connector Appliance
Hp Arcsight Logger 6.0.0.7307.1
Hp Arcsight Command Center 6.8.0.1896.0
Microfocus Arcsight Enterprise Security Manager
Hp Arcsight Express 4.0
Hp Arcsight Management Center
Hp Arcsight Connectors
NA
CVE-2023-41373
A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an authenticated malicious user to execute commands on the BIG-IP system. For BIG-IP system running in Appliance mode, a successful exploit can allow the malicious user to cross a secur...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Visibility And Reporting
F5 Big-ip Carrier-grade Nat
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Ssl Orchestrator
F5 Big-ip Webaccelerator
F5 Big-ip Websafe
4.3
CVSSv2
CVE-2020-3583
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to conduct cross-site scripting (XSS) attacks against a user of the w...
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance Software
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »