A vulnerability in the web management interface of Cisco Prime License Manager (PLM) Software could allow an unauthenticated, remote malicious user to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of user input on the web management interface. An attacker could exploit this vulnerability by submitting a malicious request to an affected system. An exploit could allow the malicious user to gain administrative-level privileges on the system. The attacker needs a valid username to exploit this vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco prime license manager |
And who's that in the background? Just Oracle and its *cough* 443 bugs
Cisco has emitted 33 security bug fixes in its latest crop of software updates, five of those deemed critical. Those five critical vulnerabilities include two remote code execution bugs (CVE-2020-3323, CVE-2020-3321) – with no workarounds for either other than patching – and one each of authentication bypass (CVE-2020-3144), privilege escalation (CVE-2020-3140), and default credential (CVE-2020-3330) flaws. Affected devices include multiple RV-series routers, the RV110W series VPN Firewall, ...