Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco application services engine vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-6733
A vulnerability in the web-based application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote malicious user to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. More In...
Cisco Identity Services Engine 2.3\\(0.151\\)
Cisco Identity Services Engine 2.2\\(0.283\\)
Cisco Identity Services Engine 2.1\\(102.101\\)
6.1
CVSSv3
CVE-2017-6701
A vulnerability in the web application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote malicious user to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. More Informat...
Cisco Identity Services Engine 2.1\\(102.101\\)
6
CVSSv3
CVE-2023-20030
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to access sensitive information, conduct a server-side request forgery (SSRF) attack through an affected device, or negatively impact ...
Cisco Identity Services Engine 3.2
Cisco Identity Services Engine
5.9
CVSSv3
CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 up to and including 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted strin...
Apache Log4j
Netapp Cloud Manager -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Sonicwall Network Security Manager
Sonicwall Email Security
Sonicwall Web Application Firewall
Sonicwall 6bk1602-0aa12-0tp0 Firmware
Sonicwall 6bk1602-0aa22-0tp0 Firmware
Sonicwall 6bk1602-0aa32-0tp0 Firmware
Sonicwall 6bk1602-0aa42-0tp0 Firmware
Sonicwall 6bk1602-0aa52-0tp0 Firmware
Oracle E-business Suite 12.2
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Retail Order Broker 16.0
Oracle Retail Integration Bus 14.1.3
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
74 Github repositories
5 Articles
5.9
CVSSv3
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
5.9
CVSSv3
CVE-2020-3353
A vulnerability in the syslog processing engine of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a race condition that may occur when syslo...
Cisco Identity Services Engine 2.4.0.357
Cisco Identity Services Engine 2.3.0.298
Cisco Identity Services Engine 2.2.0.470
5.9
CVSSv3
CVE-2017-15533
Symantec SSL Visibility (SSLV) 3.8.4FC, 3.10 before 3.10.4.1, 3.11, and 3.12 before 3.12.2.1 are vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. All affected SSLV versions act as weak oracles according the oracle classification used in the ROBOT resea...
Broadcom Ssl Visibility Appliance 3.10
Broadcom Ssl Visibility Appliance 3.12
Broadcom Ssl Visibility Appliance 3.8.4fc
Broadcom Ssl Visibility Appliance 3.11
5.9
CVSSv3
CVE-2017-17428
Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote malicious users to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.
Cavium Octeon Sdk
Cavium Nitrox V Ssl Sdk
Cavium Nitrox Ssl Sdk
Cavium Octeon Ssl Sdk
Cavium Turbossl Sdk
Cisco Webex Meetings T31
Cisco Webex Conect Im 7.24.1
Cisco Webex Meetings T32
Cisco Ace4710 Application Control Engine Firmware 3.0\\(0\\)a5\\(3.0\\)
Cisco Ace4710 Application Control Engine Firmware 3.0\\(0\\)a5\\(3.5\\)
Cisco Ace4710 Application Control Engine Firmware 3.0\\(0\\)a5\\(2.0\\)
Cisco Ace30 Application Control Engine Module Firmware 3.0\\(0\\)a5\\(3.0\\)
Cisco Ace30 Application Control Engine Module Firmware 3.0\\(0\\)a5\\(3.5\\)
Cisco Ace30 Application Control Engine Module Firmware 3.0\\(0\\)a5\\(2.0\\)
Cisco Adaptive Security Appliance 5520 Firmware 9.1\\(7.16\\)
Cisco Adaptive Security Appliance 5540 Firmware 9.1\\(7.16\\)
Cisco Adaptive Security Appliance 5550 Firmware 9.1\\(7.16\\)
Cisco Adaptive Security Appliance 5510 Firmware 9.1\\(7.16\\)
Cisco Adaptive Security Appliance 5505 Firmware 9.1\\(7.16\\)
5.9
CVSSv3
CVE-2017-12373
A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote malicious user to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) att...
Cisco Adaptive Security Appliance 5505 Firmware -
Cisco Adaptive Security Appliance 5510 Firmware -
Cisco Adaptive Security Appliance 5520 Firmware -
Cisco Adaptive Security Appliance 5540 Firmware -
Cisco Adaptive Security Appliance 5550 Firmware -
5.5
CVSSv3
CVE-2020-3335
A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local malicious user to read sensitive information of other users on an affected device. The vulnerability is due to insufficient authorization limitations. An attacker co...
Cisco Application Policy Infrastructure Controller 1.1\\(0c\\)
Cisco Application Services Engine
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »