Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
network automation vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2006-3878
Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql.
Opsware Network Automation System 6.0
4
CVSSv2
CVE-2019-12122
An issue exists in ONAP Portal through Dublin. By executing a call to ONAPPORTAL/portalApi/loggedinUser, an attacker who possesses a user's cookie may retrieve that user's password from the database. All Portal setups are affected.
Onap Open Network Automation Platform
6.4
CVSSv2
CVE-2016-1441
Cisco Cloud Network Automation Provisioner (CNAP) 1.0(0) in Cisco Configuration Assistant (CCA) allows remote malicious users to bypass intended filesystem and administrative-endpoint restrictions via GET API calls, aka Bug ID CSCuy77145.
Cisco Cloud Network Automation Provisioner 1.0\\(0\\)
7.5
CVSSv2
CVE-2018-6498
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Au...
Microfocus Data Center Automation 2017.05
Microfocus Data Center Automation 2017.08
Microfocus Data Center Automation 2017.09
Microfocus Data Center Automation 2017.11
Microfocus Data Center Automation 2018.02
Microfocus Data Center Automation 2018.05
Microfocus Data Center Automation 2017.01
Microfocus Service Management Automation 2018.05
Microfocus Service Management Automation 2018.02
Microfocus Service Management Automation 2017.11
Microfocus Network Operations Management 2018.02
Microfocus Network Operations Management 2017.11
Microfocus Hybrid Cloud Management 2017.11
Microfocus Hybrid Cloud Management 2018.02
Microfocus Hybrid Cloud Management 2018.05
Microfocus Operations Bridge 2017.11
Microfocus Operations Bridge 2018.02
Microfocus Operations Bridge 2018.05
Microfocus Network Operations Management 2018.05
7.5
CVSSv2
CVE-2018-6499
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Au...
Microfocus Data Center Automation 2017.05
Microfocus Data Center Automation 2017.08
Microfocus Data Center Automation 2017.09
Microfocus Data Center Automation 2017.11
Microfocus Data Center Automation 2018.02
Microfocus Data Center Automation 2018.05
Microfocus Data Center Automation 2017.01
Microfocus Service Management Automation 2018.05
Microfocus Service Management Automation 2018.02
Microfocus Service Management Automation 2017.11
Microfocus Network Operations Management 2018.02
Microfocus Network Operations Management 2017.11
Microfocus Hybrid Cloud Management 2017.11
Microfocus Hybrid Cloud Management 2018.02
Microfocus Hybrid Cloud Management 2018.05
Microfocus Operations Bridge 2017.11
Microfocus Operations Bridge 2018.02
Microfocus Operations Bridge 2018.05
Microfocus Network Operations Management 2018.05
Microfocus Network Virtualization 12.50
Microfocus Service Virtualization 1.00
Microfocus Unified Functional Testing 12.50
4.3
CVSSv2
CVE-2019-16024
A vulnerability in the web-based management interface of Cisco Crosswork Change Automation could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerab...
Cisco Crosswork Change Automation
Cisco Crosswork Network Automation 3.0
Cisco Crosswork Network Automation 3.1
7.8
CVSSv2
CVE-2021-22275
Buffer Overflow vulnerability in B&R Automation Runtime webserver allows an unauthenticated network-based malicious user to stop the cyclic program on the device and cause a denial of service.
Br-automation Automation Runtime
5
CVSSv2
CVE-2020-11637
A memory leak in the TFTP service in B&R Automation Runtime versions <N4.26, <N4.34, <F4.45, <E4.53, <D4.63, <A4.73 and prior could allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition.
Br-automation Automation Runtime
7.5
CVSSv2
CVE-2020-11844
Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Management. Versions 2018.05 to 2019.11. - ArcSight Investigate. versions 2.4.0, 3.0.0 and 3.1.0. - ArcSight Transformation Hub. versions 3.0.0, 3.1.0, ...
Microfocus Service Management Automation 2018.05
Microfocus Service Management Automation 2018.08
Microfocus Service Management Automation 2018.11
Microfocus Service Management Automation 2019.02
Microfocus Service Management Automation 2019.05
Microfocus Service Management Automation 2019.08
Microfocus Service Management Automation 2019.11
Microfocus Service Management Automation 2020.02
NA
CVE-2022-43765
B&R APROL versions < R 4.2-07 doesn’t process correctly specially formatted data packages sent to port 55502/tcp, which may allow a network based malicious user to cause an application Denial-of-Service.
Br-automation Industrial Automation Aprol
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »