Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-20295
Cisco discloses root escalation flaw with public exploit code
1 Article
NA
CVE-2024-20281
A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus Dashboard hosted services could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to...
NA
CVE-2024-20282
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could expl...
NA
CVE-2024-20283
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote malicious user to learn cluster deployment information on an affected device. This vulnerability is due to improper access controls on a specific API endpoint. An attacker could exploit this vulnerabili...
NA
CVE-2024-20302
A vulnerability in the tenant security implementation of Cisco Nexus Dashboard Orchestrator (NDO) could allow an authenticated, remote malicious user to modify or delete tenant templates on an affected system. This vulnerability is due to improper access controls within tenant se...
NA
CVE-2024-20310
A vulnerability in the web-based interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against an authenticated user of the interface. ...
NA
CVE-2024-20332
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper input validat...
NA
CVE-2024-20334
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input v...
NA
CVE-2024-20347
A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote malicious user to conduct a CSRF attack, which could allow the malicious user to perform arbitrary actions on an affected device. This vulnerability is due to insufficient protections for the web ...
NA
CVE-2024-20348
A vulnerability in the Out-of-Band (OOB) Plug and Play (PnP) feature of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote malicious user to read arbitrary files. This vulnerability is due to an unauthenticated provisioning web server. An attack...
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »