Search
Total
27796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-8532 | 1 Apple | 2 Iphone Os, Watchos | 2020-10-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in watchOS 5.2, iOS 12.2. A malicious application may be able to access restricted files. | |||||
| CVE-2020-3915 | 1 Apple | 1 Mac Os X | 2020-10-30 | 4.6 MEDIUM | 7.8 HIGH |
| A path handling issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to overwrite arbitrary files. | |||||
| CVE-2020-8929 | 1 Google | 1 Tink | 2020-10-29 | 5.0 MEDIUM | 5.3 MEDIUM |
| A mis-handling of invalid unicode characters in the Java implementation of Tink versions prior to 1.5 allows an attacker to change the ID part of a ciphertext, which result in the creation of a second ciphertext that can decrypt to the same plaintext. This can be a problem with encrypting deterministic AEAD with a single key, and rely on a unique ciphertext-per-plaintext. | |||||
| CVE-2020-9860 | 1 Apple | 1 Safari | 2020-10-29 | 5.8 MEDIUM | 5.4 MEDIUM |
| A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 13.0.5. Processing a maliciously crafted URL may lead to arbitrary javascript code execution. | |||||
| CVE-2020-3918 | 1 Apple | 5 Ipad Os, Iphone Os, Mac Os X and 2 more | 2020-10-29 | 2.1 LOW | 5.5 MEDIUM |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A local user may be able to view sensitive user information. | |||||
| CVE-2020-9857 | 1 Apple | 1 Mac Os X | 2020-10-29 | 4.3 MEDIUM | 4.3 MEDIUM |
| An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra. A malicious website may be able to exfiltrate autofilled data in Safari. | |||||
| CVE-2020-27605 | 1 Bigbluebutton | 1 Bigbluebutton | 2020-10-29 | 7.5 HIGH | 9.8 CRITICAL |
| BigBlueButton through 2.2.28 uses Ghostscript for processing of uploaded EPS documents, and consequently may be subject to attacks related to a "schwache Sandbox." | |||||
| CVE-2020-27606 | 1 Bigbluebutton | 1 Bigbluebutton | 2020-10-29 | 5.0 MEDIUM | 5.3 MEDIUM |
| BigBlueButton before 2.2.28 (or earlier) does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | |||||
| CVE-2020-3455 | 1 Cisco | 17 Firepower 4110, Firepower 4112, Firepower 4115 and 14 more | 2020-10-28 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into a specific file that is then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device which would be executed at each boot and maintain persistence across reboots. | |||||
| CVE-2020-7364 | 1 Ucweb | 1 Uc Browser | 2020-10-28 | 4.3 MEDIUM | 4.3 MEDIUM |
| User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects UCWeb's UC Browser version 13.0.8 and prior versions. | |||||
| CVE-2020-25214 | 1 Overwolf | 1 Overwolf | 2020-10-28 | 9.3 HIGH | 8.1 HIGH |
| In the client in Overwolf 0.149.2.30, a channel can be accessed or influenced by an actor that is not an endpoint. | |||||
| CVE-2020-9787 | 1 Apple | 5 Ipad Os, Iphone Os, Mac Os X and 2 more | 2020-10-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. Some websites may not have appeared in Safari Preferences. | |||||
| CVE-2020-3299 | 2 Cisco, Snort | 16 1100-4p, 1100-8p, 1101-4p and 13 more | 2020-10-27 | 5.0 MEDIUM | 5.8 MEDIUM |
| Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured File Policy for HTTP packets and deliver a malicious payload. | |||||
| CVE-2020-3991 | 2 Microsoft, Vmware | 2 Windows, Horizon Client | 2020-10-23 | 3.6 LOW | 7.1 HIGH |
| VMware Horizon Client for Windows (5.x before 5.5.0) contains a denial-of-service vulnerability due to a file system access control issue during install time. Successful exploitation of this issue may allow an attacker to overwrite certain admin privileged files through a symbolic link attack at install time. This will result into a denial-of-service condition on the machine where Horizon Client for Windows is installed. | |||||
| CVE-2019-16791 | 1 Postfix-mta-sts-resolver Project | 1 Postfix-mta-sts-resolver | 2020-10-23 | 4.3 MEDIUM | 5.9 MEDIUM |
| In postfix-mta-sts-resolver before 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS policy. | |||||
| CVE-2020-3352 | 1 Cisco | 1 Firepower Threat Defense | 2020-10-23 | 1.9 LOW | 5.5 MEDIUM |
| A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access hidden commands. The vulnerability is due to the presence of undocumented configuration commands. An attacker could exploit this vulnerability by performing specific steps that make the hidden commands accessible. A successful exploit could allow the attacker to make configuration changes to various sections of an affected device that should not be exposed to CLI access. | |||||
| CVE-2019-3981 | 1 Mikrotik | 2 Routeros, Winbox | 2020-10-22 | 4.3 MEDIUM | 3.7 LOW |
| MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle can downgrade the client's authentication protocol and recover the user's username and MD5 hashed password. | |||||
| CVE-2019-15999 | 1 Cisco | 1 Data Center Network Manager | 2020-10-22 | 4.0 MEDIUM | 6.3 MEDIUM |
| A vulnerability in the application environment of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to gain unauthorized access to the JBoss Enterprise Application Platform (JBoss EAP) on an affected device. The vulnerability is due to an incorrect configuration of the authentication settings on the JBoss EAP. An attacker could exploit this vulnerability by authenticating with a specific low-privilege account. A successful exploit could allow the attacker to gain unauthorized access to the JBoss EAP, which should be limited to internal system accounts. | |||||
| CVE-2019-19231 | 2 Broadcom, Microsoft | 2 Ca Client Automation, Windows | 2020-10-22 | 4.6 MEDIUM | 7.8 HIGH |
| An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges. | |||||
| CVE-2019-5487 | 1 Gitlab | 1 Gitlab | 2020-10-22 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control vulnerability exists in Gitlab EE <v12.3.3, <v12.2.7, & <v12.1.13 that allowed the group search feature with Elasticsearch to return private code, merge requests and commits. | |||||
| CVE-2018-0249 | 1 Cisco | 1 Aironet Access Point Software | 2020-10-22 | 3.3 LOW | 4.3 MEDIUM |
| A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Access Point (APs) on Qualcomm Atheros (QCA) based hardware platforms could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. A successful exploit could prevent new clients from joining the AP. The vulnerability is due to incorrect handling of malformed or invalid 802.11 Association Requests. An attacker could exploit this vulnerability by sending a malformed stream of 802.11 Association Requests to the local interface of the targeted device. A successful exploit could allow the attacker to cause a DoS situation on an affected system, causing new client 802.11 Association Requests to fail. This vulnerability affects the following Cisco products: Aironet 1560 Series Access Points, Aironet 1810 Series OfficeExtend Access Points, Aironet 1810w Series Access Points, Aironet 1815 Series Access Points, Aironet 1830 Series Access Points, Aironet 1850 Series Access Points, Aironet 2800 Series Access Points, Aironet 3800 Series Access Points. Cisco Bug IDs: CSCvg02116. | |||||
| CVE-2018-0235 | 1 Cisco | 1 Wireless Lan Controller Software | 2020-10-22 | 6.1 MEDIUM | 7.4 HIGH |
| A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of certain 802.11 management information element frames that an affected device receives from wireless clients. An attacker could exploit this vulnerability by sending a malformed 802.11 management frame to an affected device. A successful exploit could allow the attacker to cause the affected device to reload unexpectedly, resulting in a DoS condition. This vulnerability affects only Cisco Wireless LAN Controllers that are running Cisco Mobility Express Release 8.5.103.0. Cisco Bug IDs: CSCvg07024. | |||||
| CVE-2018-0196 | 1 Cisco | 1 Ios Xe | 2020-10-22 | 4.0 MEDIUM | 4.9 MEDIUM |
| A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to write arbitrary files to the operating system of an affected device. The vulnerability is due to insufficient input validation of HTTP requests that are sent to the web UI of the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web UI of the affected software. A successful exploit could allow the attacker to write arbitrary files to the operating system of an affected device. Cisco Bug IDs: CSCvb22645. | |||||
| CVE-2018-0209 | 1 Cisco | 20 Sf500-24, Sf500-24mp, Sf500-24p and 17 more | 2020-10-22 | 6.8 MEDIUM | 7.7 HIGH |
| A vulnerability in the Simple Network Management Protocol (SNMP) subsystem communication channel through the Cisco 550X Series Stackable Managed Switches could allow an authenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device nay need to be manually reloaded to recover. The vulnerability is due to lack of proper input throttling of ingress SNMP traffic over an internal interface. An attacker could exploit this vulnerability by sending a crafted, heavy stream of SNMP traffic to the targeted device. An exploit could allow the attacker to cause the device to reload unexpectedly, causing a DoS condition. Cisco Bug IDs: CSCvg22135. | |||||
| CVE-2010-1870 | 1 Apache | 1 Struts | 2020-10-20 | 5.0 MEDIUM | N/A |
| The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 through 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote attackers to modify server-side context objects and bypass the "#" protection mechanism in ParameterInterceptors via the (1) #context, (2) #_memberAccess, (3) #root, (4) #this, (5) #_typeResolver, (6) #_classResolver, (7) #_traceEvaluations, (8) #_lastEvaluation, (9) #_keepLastEvaluation, and possibly other OGNL context variables, a different vulnerability than CVE-2008-6504. | |||||
| CVE-2016-2168 | 1 Apache | 1 Subversion | 2020-10-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check. | |||||
| CVE-2019-4552 | 1 Ibm | 2 Security Access Manager, Security Verify Access | 2020-10-20 | 5.8 MEDIUM | 6.1 MEDIUM |
| IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning, cross-site scripting, and possibly obtain sensitive information. IBM X-Force ID: 165960. | |||||
| CVE-2020-24214 | 3 Jtechdigital, Provideoinstruments, Szuray | 105 H.264 Iptv Encoder 1080p\@60hz, H.264 Iptv Encoder 1080p\@60hz Firmware, Vecaster-4k-hevc and 102 more | 2020-10-20 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can send a crafted unauthenticated RTSP request to cause a buffer overflow and application crash. The device will not be able to perform its main purpose of video encoding and streaming for up to a minute, until it automatically reboots. Attackers can send malicious requests once a minute, effectively disabling the device. | |||||
| CVE-2019-18275 | 1 Osisoft | 1 Pi Vision | 2020-10-19 | 4.0 MEDIUM | 6.5 MEDIUM |
| OSIsoft PI Vision, All versions of PI Vision prior to 2019. The affected product is vulnerable to an improper access control, which may return unauthorized tag data when viewing analysis data reference attributes. | |||||
| CVE-2019-7611 | 1 Elastic | 1 Elasticsearch | 2020-10-19 | 6.8 MEDIUM | 8.1 HIGH |
| A permission issue was found in Elasticsearch versions before 5.6.15 and 6.6.1 when Field Level Security and Document Level Security are disabled and the _aliases, _shrink, or _split endpoints are used . If the elasticsearch.yml file has xpack.security.dls_fls.enabled set to false, certain permission checks are skipped when users perform one of the actions mentioned above, to make existing data available under a new index/alias name. This could result in an attacker gaining additional permissions against a restricted index. | |||||
| CVE-2019-3831 | 2 Ovirt, Redhat | 2 Vdsm, Gluster Storage | 2020-10-19 | 9.0 HIGH | 6.7 MEDIUM |
| A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root. | |||||
| CVE-2019-6520 | 1 Moxa | 8 Eds-405a, Eds-405a Firmware, Eds-408a and 5 more | 2020-10-19 | 5.0 MEDIUM | 7.5 HIGH |
| Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitrary configuration changes. | |||||
| CVE-2019-6517 | 1 Bd | 2 Facslyric, Facslyric Ivd | 2020-10-19 | 4.6 MEDIUM | 6.8 MEDIUM |
| BD FACSLyric Research Use Only, Windows 10 Professional Operating System, U.S. and Malaysian Releases, between November 2017 and November 2018 and BD FACSLyric IVD Windows 10 Professional Operating System US release does not properly enforce user access control to privileged accounts, which may allow for unauthorized access to administrative level functions. | |||||
| CVE-2016-6835 | 3 Debian, Qemu, Redhat | 4 Debian Linux, Qemu, Enterprise Linux and 1 more | 2020-10-19 | 2.1 LOW | 6.0 MEDIUM |
| The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length. | |||||
| CVE-2020-26898 | 1 Netgear | 2 Rax40, Rax40 Firmware | 2020-10-19 | 8.3 HIGH | 8.8 HIGH |
| NETGEAR RAX40 devices before 1.0.3.80 are affected by incorrect configuration of security settings. | |||||
| CVE-2020-26919 | 1 Netgear | 2 Jgs516pe, Jgs516pe Firmware | 2020-10-19 | 7.5 HIGH | 9.8 CRITICAL |
| NETGEAR JGS516PE devices before 2.6.0.43 are affected by lack of access control at the function level. | |||||
| CVE-2019-6554 | 1 Advantech | 1 Webaccess | 2020-10-16 | 5.0 MEDIUM | 7.5 HIGH |
| Advantech WebAccess/SCADA, Versions 8.3.5 and prior. An improper access control vulnerability may allow an attacker to cause a denial-of-service condition. | |||||
| CVE-2020-26908 | 1 Netgear | 30 D6200, D6200 Firmware, D7000 and 27 more | 2020-10-16 | 10.0 HIGH | 9.8 CRITICAL |
| Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before 1.0.0.30, R6020 before 1.0.0.42, R6050 before 1.0.1.22, JR6150 before 1.0.1.22, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R69002 before 1.2.0.62, and WNR2020 before 1.1.0.62. | |||||
| CVE-2020-26911 | 1 Netgear | 28 D6200, D6200 Firmware, D7000 and 25 more | 2020-10-16 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JR6150 before 1.0.1.24, R6020 before 1.0.0.42, R6050 before 1.0.1.24, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, R7450 before 1.2.0.62, and WNR2020 before 1.1.0.62. | |||||
| CVE-2019-7303 | 1 Canonical | 2 Snapd, Ubuntu Linux | 2020-10-16 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl(2) commands on a 64-bit platform; however, the Linux kernel only uses the lower 32 bits to determine which ioctl(2) commands to run. This issue affects: Canonical snapd versions prior to 2.37.4. | |||||
| CVE-2020-26916 | 1 Netgear | 28 D6200, D6200 Firmware, D7000 and 25 more | 2020-10-16 | 5.8 MEDIUM | 6.3 MEDIUM |
| Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JR6150 before 1.0.1.24, R6020 before 1.0.0.42, R6050 before 1.0.1.24, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, R7450 before 1.2.0.50, and WNR2020 before 1.1.0.62. | |||||
| CVE-2020-9850 | 1 Apple | 7 Icloud, Ipad Os, Iphone Os and 4 more | 2020-10-16 | 7.5 HIGH | 9.8 CRITICAL |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution. | |||||
| CVE-2019-3586 | 1 Mcafee | 1 Endpoint Security | 2020-10-16 | 5.1 MEDIUM | 7.5 HIGH |
| Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection. | |||||
| CVE-2019-6544 | 1 Ge | 1 Ge Communicator | 2020-10-16 | 6.8 MEDIUM | 5.6 MEDIUM |
| GE Communicator, all versions prior to 4.0.517, has a service running with system privileges that may allow an unprivileged user to perform certain administrative actions, which may allow the execution of scheduled scripts with system administrator privileges. This service is inaccessible to attackers if Windows default firewall settings are used by the end user. | |||||
| CVE-2019-6566 | 1 Ge | 1 Ge Communicator | 2020-10-16 | 7.2 HIGH | 7.8 HIGH |
| GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to replace the uninstaller with a malicious version, which could allow an attacker to gain administrator privileges to the system. | |||||
| CVE-2019-1868 | 1 Cisco | 1 Webex Meetings Server | 2020-10-16 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to access sensitive system information. The vulnerability is due to improper access control to files within the web-based management interface. An attacker could exploit this vulnerability by sending a malicious request to an affected device. A successful exploit could allow the attacker to access sensitive system information. | |||||
| CVE-2019-1851 | 1 Cisco | 1 Identity Services Engine | 2020-10-16 | 4.0 MEDIUM | 6.8 MEDIUM |
| A vulnerability in the External RESTful Services (ERS) API of the Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to generate arbitrary certificates signed by the Internal Certificate Authority (CA) Services on ISE. This vulnerability is due to an incorrect implementation of role-based access control (RBAC). An attacker could exploit this vulnerability by crafting a specific HTTP request with administrative credentials. A successful exploit could allow the attacker to generate a certificate that is signed and trusted by the ISE CA with arbitrary attributes. The attacker could use this certificate to access other networks or assets that are protected by certificate authentication. | |||||
| CVE-2019-1920 | 1 Cisco | 7 Access Points, Aironet 3700e, Aironet 3700e Firmware and 4 more | 2020-10-16 | 6.1 MEDIUM | 7.4 HIGH |
| A vulnerability in the 802.11r Fast Transition (FT) implementation for Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected interface. The vulnerability is due to a lack of complete error handling condition for client authentication requests sent to a targeted interface configured for FT. An attacker could exploit this vulnerability by sending crafted authentication request traffic to the targeted interface, causing the device to restart unexpectedly. | |||||
| CVE-2019-1890 | 1 Cisco | 34 9432pq, 9536pq, 9636pq and 31 more | 2020-10-16 | 3.3 LOW | 6.5 MEDIUM |
| A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. The vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a malicious LLDP packet on the adjacent subnet to the Cisco Nexus 9000 Series Switch in ACI mode. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints. | |||||
| CVE-2019-6581 | 1 Siemens | 5 Siveillance Video Management Software 2017 R2, Siveillance Video Management Software 2018 R1, Siveillance Video Management Software 2018 R2 and 2 more | 2020-10-16 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a), Siveillance VMS 2018 R1 (All versions < V12.1a), Siveillance VMS 2018 R2 (All versions < V12.2a), Siveillance VMS 2018 R3 (All versions < V12.3a), Siveillance VMS 2019 R1 (All versions < V13.1a). An attacker with network access to port 80/TCP could change user roles without proper authorization. The security vulnerability could be exploited by an authenticated attacker with network access to the affected service. No user interaction is required to exploit this security vulnerability. Successful exploitation compromises confidentiality, integrity and availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known. | |||||