Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
configuration manager vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-35226
An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role.
Solarwinds Network Configuration Manager
7.8
CVSSv3
CVE-2022-24527
Microsoft Endpoint Configuration Manager Elevation of Privilege Vulnerability
Microsoft Endpoint Configuration Manager -
6.1
CVSSv3
CVE-2018-17051
K-Net Cisco Configuration Manager through 2014-11-19 has XSS via devices.php.
Knet Cisco Configuration Manager
8.8
CVSSv3
CVE-2023-33226
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges.
Solarwinds Network Configuration Manager
8.8
CVSSv3
CVE-2023-33227
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability This vulnerability allows a low level user to perform the actions with SYSTEM privileges.
Solarwinds Network Configuration Manager
4.9
CVSSv3
CVE-2023-33228
The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information.
Solarwinds Network Configuration Manager
8.8
CVSSv3
CVE-2023-40054
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33226
Solarwinds Network Configuration Manager
8.8
CVSSv3
CVE-2023-40055
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33227
Solarwinds Network Configuration Manager
NA
CVE-2013-0935
EMC Smarts Network Configuration Manager (NCM) prior to 9.2 does not require authentication for all Java RMI method calls, which allows remote malicious users to execute arbitrary code via unspecified vectors.
Emc Smarts Network Configuration Manager
7.5
CVSSv3
CVE-2018-7077
A security vulnerability in HPE XP P9000 Command View Advanced Edition (CVAE) Device Manager (DevMgr 8.5.0-00 and before 8.6.0-00), Configuration Manager (CM 8.5.0-00 and before 8.6.0-00) could be exploited to allow local and remote unauthorized access to sensitive information.
Hp Xp P9000 Configuration Manager
Hp Xp P9000 Device Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »