|
201541
|
8.2 |
HIGH
Network
|
cisco
|
data_center_network_manager
|
A vulnerability in specific REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating syste…
|
NVD-CWE-Other
|
CVE-2020-3384
|
2024-11-21 14:30 |
2020-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201542
|
8.8 |
HIGH
Network
|
cisco
|
data_center_network_manager
|
A vulnerability in the archive utility of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vuln…
|
CWE-22
CWE-20
Path Traversal
Improper Input Validation
|
CVE-2020-3383
|
2024-11-21 14:30 |
2020-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201543
|
9.8 |
CRITICAL
Network
|
cisco
|
data_center_network_manager
|
A vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-3382
|
2024-11-21 14:30 |
2020-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201544
|
8.8 |
HIGH
Network
|
cisco
|
data_center_network_manager
|
A vulnerability in the Device Manager application of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to inject arbitrary commands on the affected device. The vu…
|
CWE-78
OS Command
|
CVE-2020-3377
|
2024-11-21 14:30 |
2020-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201545
|
9.8 |
CRITICAL
Network
|
cisco
|
data_center_network_manager
|
A vulnerability in the Device Manager application of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions on…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-3376
|
2024-11-21 14:30 |
2020-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201546
|
9.8 |
CRITICAL
Network
|
cisco
|
sd-wan
ios_xe_sd-wan
|
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input vali…
|
CWE-20
Improper Input Validation
|
CVE-2020-3375
|
2024-11-21 14:30 |
2020-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201547
|
9.9 |
CRITICAL
Network
|
cisco
|
sd-wan
|
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization, enabling them to access sensitive informa…
|
CWE-863
Incorrect Authorization
|
CVE-2020-3374
|
2024-11-21 14:30 |
2020-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201548
|
7.8 |
HIGH
Local
|
cisco
|
sd-wan_firmware
vbond_orchestrator
vsmart_controller
|
A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to i…
|
CWE-20
Improper Input Validation
|
CVE-2020-3379
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201549
|
5.8 |
MEDIUM
Network
|
cisco
|
email_security_appliance
|
A vulnerability in URL filtering of Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to bypass URL filtering on an affected device. The vulnerability …
|
CWE-20
Improper Input Validation
|
CVE-2020-3370
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201550
|
5.4 |
MEDIUM
Network
|
cisco
|
sd-wan_firmware
|
A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user …
|
CWE-79
Cross-site Scripting
|
CVE-2020-3406
|
2024-11-21 14:30 |
2020-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
