admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 10:42:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-11-18T19:00:29.543584+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-11-18 19:03:31 +00:00
parent bb009e8cf7
commit 88fca70043
420 changed files with 5492 additions and 1418 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
CVE-2015/CVE-2015-201xx/CVE-2015-20111.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2015-20111",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-18T04:15:03.987",
"lastModified": "2024-11-18T04:15:03.987",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:35:00.977",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in conjunction with CVE-2015-6031 exploitation."
},
{
"lang": "es",
"value": "En las versiones anteriores a 4c90b87 de Bitcoin Core y otros productos, la ejecuci\u00f3n remota de c\u00f3digo no se puede realizar junto con la explotaci\u00f3n de CVE-2015-6031."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://bitcoincore.org/en/2024/07/03/disclose_upnp_rce/",

8
CVE-2017/CVE-2017-133xx/CVE-2017-13309.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2017-13309",
"sourceIdentifier": "security@android.com",
"published": "2024-11-15T21:15:05.980",
"lastModified": "2024-11-15T21:35:00.833",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
},
{
"lang": "es",
"value": "En readEncryptedData de ConscryptEngine.java, existe una posible fuga de texto plano debido a un cifrado utilizado incorrectamente. Esto podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
}
],
"metrics": {

8
CVE-2017/CVE-2017-133xx/CVE-2017-13310.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2017-13310",
"sourceIdentifier": "security@android.com",
"published": "2024-11-15T22:15:14.177",
"lastModified": "2024-11-15T22:15:14.177",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation."
},
{
"lang": "es",
"value": "En createFromParcel de ViewPager.java, existe un posible problema de serializaci\u00f3n de lectura/escritura que conduce a una omisi\u00f3n de permisos. Esto podr\u00eda conducir a una escalada local de privilegios donde una aplicaci\u00f3n puede iniciar una actividad con privilegios del sistema sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
}
],
"metrics": {},

8
CVE-2017/CVE-2017-133xx/CVE-2017-13311.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2017-13311",
"sourceIdentifier": "security@android.com",
"published": "2024-11-15T22:15:14.240",
"lastModified": "2024-11-15T22:15:14.240",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation."
},
{
"lang": "es",
"value": "En la funci\u00f3n read() de ProcessStats.java, existe un posible problema de serializaci\u00f3n de lectura/escritura que conduce a una omisi\u00f3n de permisos. Esto podr\u00eda provocar una escalada local de privilegios donde una aplicaci\u00f3n puede iniciar una actividad con privilegios del sistema sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
}
],
"metrics": {},

8
CVE-2017/CVE-2017-133xx/CVE-2017-13312.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2017-13312",
"sourceIdentifier": "security@android.com",
"published": "2024-11-15T22:15:14.300",
"lastModified": "2024-11-15T22:15:14.300",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to improper input validation. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is not needed for exploitation."
},
{
"lang": "es",
"value": "En createFromParcel de MediaCas.java, existe una posible discrepancia entre la lectura y la escritura de paquetes debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una escalada local de privilegios, donde una aplicaci\u00f3n puede iniciar una actividad con privilegios del sistema sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
}
],
"metrics": {},

8
CVE-2017/CVE-2017-133xx/CVE-2017-13313.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2017-13313",
"sourceIdentifier": "security@android.com",
"published": "2024-11-15T22:15:14.373",
"lastModified": "2024-11-15T22:15:14.373",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation."
},
{
"lang": "es",
"value": "En ElementaryStreamQueue::dequeueAccessUnitMPEG4Video de ESQueue.cpp, existe un posible bucle infinito que conduce al agotamiento de los recursos debido a una comprobaci\u00f3n incorrecta de los l\u00edmites. Esto podr\u00eda provocar una denegaci\u00f3n de servicio remota sin necesidad de privilegios de ejecuci\u00f3n adicionales. Se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
}
],
"metrics": {},

8
CVE-2017/CVE-2017-133xx/CVE-2017-13314.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2017-13314",
"sourceIdentifier": "security@android.com",
"published": "2024-11-15T22:15:14.440",
"lastModified": "2024-11-15T22:15:14.440",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with no additional execution privileges needed. User interaction is not needed for exploitation."
},
{
"lang": "es",
"value": "En setAllowOnlyVpnForUids de NetworkManagementService.java, existe una posible omisi\u00f3n de la configuraci\u00f3n de seguridad debido a la falta de una verificaci\u00f3n de permisos. Esto podr\u00eda provocar una escalada local de privilegios que permita a los usuarios acceder a redes que no sean VPN, cuando se supone que deben estar restringidos a las redes VPN, sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."
}
],
"metrics": {},

45
CVE-2019/CVE-2019-252xx/CVE-2019-25220.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2019-25220",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-18T04:15:04.107",
"lastModified": "2024-11-18T04:15:04.107",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:35:01.780",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bitcoin Core before 24.0.1 allows remote attackers to cause a denial of service (daemon crash) via a flood of low-difficulty header chains (aka a \"Chain Width Expansion\" attack) because a node does not first verify that a presented chain has enough work before committing to store it."
},
{
"lang": "es",
"value": "Bitcoin Core anterior a 24.0.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (falla del demonio) a trav\u00e9s de una inundaci\u00f3n de cadenas de encabezado de baja dificultad (tambi\u00e9n conocido como un ataque de \"expansi\u00f3n del ancho de la cadena\") porque un nodo no verifica primero que una cadena presentada tenga suficiente trabajo antes de comprometerse a almacenarla."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://bitcoincore.org/en/2024/09/18/disclose-headers-oom",

8
CVE-2020/CVE-2020-257xx/CVE-2020-25720.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-25720",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-11-17T11:15:04.320",
"lastModified": "2024-11-17T11:15:04.320",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. This issue occurs because the administrator owns the object due to the lack of an Access Control List (ACL) at the time of creation and later being recognized as the 'creator owner.' The retained significant rights of the delegated administrator may not be well understood, potentially leading to unintended privilege escalation or security risks."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en Samba donde un administrador delegado con permiso para crear objetos en Active Directory puede escribir en todos los atributos del objeto reci\u00e9n creado, incluidos los atributos sensibles a la seguridad, incluso despu\u00e9s de la creaci\u00f3n del objeto. Este problema se produce porque el administrador es el propietario del objeto debido a la falta de una lista de control de acceso (ACL) en el momento de la creaci\u00f3n y, posteriormente, se lo reconoce como el \"propietario creador\". Es posible que no se comprendan bien los derechos importantes que conserva el administrador delegado, lo que puede provocar una escalada de privilegios no deseada o riesgos de seguridad."
}
],
"metrics": {

8
CVE-2020/CVE-2020-260xx/CVE-2020-26062.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-26062",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:05.170",
"lastModified": "2024-11-18T16:15:05.170",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid usernames within the vulnerable application.\r\nThe vulnerability is due to differences in authentication responses sent back from the application as part of an authentication attempt. An attacker could exploit this vulnerability by sending authentication requests to the affected application. A successful exploit could allow the attacker to confirm the names of administrative user accounts for use in further attacks.There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco Integrated Management Controller podr\u00eda permitir que un atacante remoto no autenticado enumere nombres de usuario v\u00e1lidos dentro de la aplicaci\u00f3n vulnerable. La vulnerabilidad se debe a diferencias en las respuestas de autenticaci\u00f3n enviadas desde la aplicaci\u00f3n como parte de un intento de autenticaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes de autenticaci\u00f3n a la aplicaci\u00f3n afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante confirmar los nombres de las cuentas de usuario administrativas para usarlas en ataques posteriores. No existen workarounds que aborden esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2020/CVE-2020-260xx/CVE-2020-26063.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-26063",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:05.460",
"lastModified": "2024-11-18T16:15:05.460",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow an authenticated, remote attacker to bypass authorization and take actions on a vulnerable system without authorization.\r\nThe vulnerability is due to improper authorization checks on API endpoints. An attacker could exploit this vulnerability by sending malicious requests to an API endpoint. An exploit could allow the attacker to download files from or modify limited configuration options on the affected system.There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en los puntos finales de API de Cisco Integrated Management Controller podr\u00eda permitir que un atacante remoto autenticado omita la autorizaci\u00f3n y realice acciones en un sistema vulnerable sin autorizaci\u00f3n. La vulnerabilidad se debe a comprobaciones de autorizaci\u00f3n incorrectas en los endpoints de API. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes maliciosas a un endpoint de API. Una vulnerabilidad podr\u00eda permitir al atacante descargar archivos o modificar opciones de configuraci\u00f3n limitadas en el sistema afectado. No existen workarounds que aborden esta vulnerabilidad."
}
],
"metrics": {

56
CVE-2020/CVE-2020-260xx/CVE-2020-26066.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2020-26066",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T17:15:09.437",
"lastModified": "2024-11-18T17:15:09.437",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system.\r\nThe vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by persuading a user to import a crafted XML file with malicious entries. A successful exploit could allow the attacker to read and write files within the affected application.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanx3-vrZbOqqD",
"source": "ykramarz@cisco.com"
}
]
}

56
CVE-2020/CVE-2020-260xx/CVE-2020-26067.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2020-26067",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T17:15:09.757",
"lastModified": "2024-11-18T17:15:09.757",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated, remote attacker to conduct cross-site scripting attacks.\r\nThe vulnerability is due to improper validation of usernames. An attacker could exploit this vulnerability by creating an account that contains malicious HTML or script content and joining a space using the malicious account name. A successful exploit could allow the attacker to conduct cross-site scripting attacks and potentially gain access to sensitive browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-80"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-teams-xss-zLW9tD3",
"source": "ykramarz@cisco.com"
}
]
}

8
CVE-2020/CVE-2020-260xx/CVE-2020-26071.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-26071",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:05.710",
"lastModified": "2024-11-18T16:15:05.710",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service (DoS) condition.\r\nThe vulnerability is due to insufficient input validation for specific commands. An attacker could exploit this vulnerability by including crafted arguments to those specific commands. A successful exploit could allow the attacker to create or overwrite arbitrary files on the affected device, which could result in a DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del software Cisco SD-WAN podr\u00eda permitir que un atacante local autenticado cree o sobrescriba archivos arbitrarios en un dispositivo afectado, lo que podr\u00eda generar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente para comandos espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad al incluir argumentos manipulados para esos comandos espec\u00edficos. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante cree o sobrescriba archivos arbitrarios en el dispositivo afectado, lo que podr\u00eda generar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2020/CVE-2020-260xx/CVE-2020-26073.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-26073",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:05.947",
"lastModified": "2024-11-18T16:15:05.947",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to gain access to sensitive information.\r\nThe vulnerability is due to improper validation of directory traversal character sequences within requests to application programmatic interfaces (APIs). An attacker could exploit this vulnerability by sending malicious requests to an API within the affected application. A successful exploit could allow the attacker to conduct directory traversal attacks and gain access to sensitive information including credentials or user tokens.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en los puntos finales de datos de la aplicaci\u00f3n de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante remoto no autenticado obtenga acceso a informaci\u00f3n confidencial. La vulnerabilidad se debe a una validaci\u00f3n incorrecta de las secuencias de caracteres de directory traversal dentro de las solicitudes a las interfaces program\u00e1ticas de aplicaciones (API). Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes maliciosas a una API dentro de la aplicaci\u00f3n afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante realizar ataques de directory traversal y obtener acceso a informaci\u00f3n confidencial, incluidas las credenciales o los tokens de usuario. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2020/CVE-2020-260xx/CVE-2020-26074.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-26074",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:06.170",
"lastModified": "2024-11-18T16:15:06.170",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system.\r\nThe vulnerability is due to improper validation of path input to the system file transfer functions. An attacker could exploit this vulnerability by sending requests that contain specially crafted path variables to the vulnerable system. A successful exploit could allow the attacker to overwrite arbitrary files, allowing the attacker to modify the system in such a way that could allow the attacker to gain escalated privileges.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en las funciones de transferencia de archivos del sistema de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante local autenticado obtenga privilegios elevados en el sistema operativo subyacente. La vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada de ruta a las funciones de transferencia de archivos del sistema. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes que contengan variables de ruta especialmente dise\u00f1adas al sistema vulnerable. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir archivos arbitrarios, lo que le permitir\u00eda modificar el sistema de tal manera que podr\u00eda permitirle obtener privilegios elevados. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2020/CVE-2020-271xx/CVE-2020-27124.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-27124",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:06.397",
"lastModified": "2024-11-18T16:15:06.397",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, leading to a denial of service (DoS) condition.\r\nThe vulnerability is due to improper error handling on established SSL/TLS connections. An attacker could exploit this vulnerability by establishing an SSL/TLS connection with the affected device and then sending a malicious SSL/TLS message within that connection. A successful exploit could allow the attacker to cause the device to reload.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el controlador SSL/TLS del software Cisco Adaptive Security Appliance (ASA) podr\u00eda permitir que un atacante remoto no autenticado haga que el dispositivo afectado se recargue inesperadamente, lo que genera una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a un manejo inadecuado de errores en conexiones SSL/TLS establecidas. Un atacante podr\u00eda aprovechar esta vulnerabilidad estableciendo una conexi\u00f3n SSL/TLS con el dispositivo afectado y luego enviando un mensaje SSL/TLS malicioso dentro de esa conexi\u00f3n. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el dispositivo se recargue. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2020/CVE-2020-34xx/CVE-2020-3420.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-3420",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:06.630",
"lastModified": "2024-11-18T16:15:06.630",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\nThe vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Unified Communications Manager (Unified CM) y Cisco Unified Communications Manager Session Management Edition (Unified CM SME) podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web del software afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando datos maliciosos en un campo de datos espec\u00edfico de la interfaz. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. No existen workarounds que aborden esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2020/CVE-2020-34xx/CVE-2020-3431.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-3431",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:06.897",
"lastModified": "2024-11-18T16:15:06.897",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042 Dual WAN VPN Routers and Cisco Small Business RV042G Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.\r\nThe vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042 Dual WAN VPN y Cisco Small Business RV042G Dual Gigabit WAN VPN podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz de administraci\u00f3n basada en web de un dispositivo afectado. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web del software afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo creado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

30
CVE-2020/CVE-2020-35xx/CVE-2020-3525.json
View File

@ -2,16 +2,42 @@
"id": "CVE-2020-3525",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:07.127",
"lastModified": "2024-11-18T16:15:07.127",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:35:05.240",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected system.\r\nThe vulnerability is due to the incorrect inclusion of saved passwords when loading configuration pages in the Admin portal. An attacker with read or write access to the Admin portal could exploit this vulnerability by browsing to a page that contains sensitive data. A successful exploit could allow the attacker to recover passwords and expose those accounts to further attack.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el portal de administraci\u00f3n de Cisco Identity Services Engine (ISE) podr\u00eda permitir que un atacante remoto autenticado recupere contrase\u00f1as de cuentas de servicio guardadas en un sistema afectado. La vulnerabilidad se debe a la inclusi\u00f3n incorrecta de contrase\u00f1as guardadas al cargar p\u00e1ginas de configuraci\u00f3n en el portal de administraci\u00f3n. Un atacante con acceso de lectura o escritura al portal de administraci\u00f3n podr\u00eda aprovechar esta vulnerabilidad navegando a una p\u00e1gina que contenga datos confidenciales. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante recuperar contrase\u00f1as y exponer esas cuentas a m\u00e1s ataques. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",

8
CVE-2020/CVE-2020-35xx/CVE-2020-3532.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-3532",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:07.367",
"lastModified": "2024-11-18T16:15:07.367",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\nThe vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service y Cisco Unity Connection podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross-site scripting (XSS) contra un usuario de la interfaz. La vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo creado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. No existen workarounds que aborden esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2020/CVE-2020-35xx/CVE-2020-3538.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-3538",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:07.660",
"lastModified": "2024-11-18T16:15:07.660",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in a certain REST API endpoint of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to perform a path traversal attack on an affected device.\r\nThe vulnerability is due to insufficient path restriction enforcement. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to overwrite or list arbitrary files on the affected device.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en un determinado punto final de la API REST del software Cisco Data Center Network Manager (DCNM) podr\u00eda permitir que un atacante remoto autenticado realice un ataque de path traversal en un dispositivo afectado. La vulnerabilidad se debe a una aplicaci\u00f3n insuficiente de las restricciones de ruta. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir o enumerar archivos arbitrarios en el dispositivo afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2020/CVE-2020-35xx/CVE-2020-3539.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-3539",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:07.880",
"lastModified": "2024-11-18T16:15:07.880",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization.\r\nThe vulnerability is due to a failure to limit access to resources that are intended for users with Administrator privileges. An attacker could exploit this vulnerability by convincing a user to click a malicious URL. A successful exploit could allow a low-privileged attacker to list, view, create, edit, and delete templates in the same manner as a user with Administrator privileges.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Data Center Network Manager (DCNM) podr\u00eda permitir que un atacante remoto autenticado vea, modifique y elimine datos sin la autorizaci\u00f3n correspondiente. La vulnerabilidad se debe a un error al limitar el acceso a los recursos destinados a usuarios con privilegios de administrador. Un atacante podr\u00eda aprovechar esta vulnerabilidad convenciendo a un usuario de que haga clic en una URL maliciosa. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante con pocos privilegios enumere, vea, cree, edite y elimine plantillas de la misma manera que un usuario con privilegios de administrador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2020/CVE-2020-35xx/CVE-2020-3548.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-3548",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:08.100",
"lastModified": "2024-11-18T16:15:08.100",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Transport Layer Security (TLS) protocol implementation of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition.\r\nThe vulnerability is due to inefficient processing of incoming TLS traffic. An attacker could exploit this vulnerability by sending a series of crafted TLS packets to an affected device. A successful exploit could allow the attacker to trigger a prolonged state of high CPU utilization. The affected device would still be operative, but response time and overall performance may be degraded.There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n del protocolo Transport Layer Security (TLS) del software Cisco AsyncOS para Cisco Email Security Appliance (ESA) podr\u00eda permitir que un atacante remoto no autenticado provoque un alto uso de la CPU en un dispositivo afectado, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a un procesamiento ineficiente del tr\u00e1fico TLS entrante. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una serie de paquetes TLS manipulados a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante activar un estado prolongado de alto uso de la CPU. El dispositivo afectado seguir\u00eda funcionando, pero el tiempo de respuesta y el rendimiento general podr\u00edan verse degradados. No existen workarounds que aborden esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-11xx/CVE-2021-1132.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1132",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:08.343",
"lastModified": "2024-11-18T16:15:08.343",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to access sensitive data.\r\nThis vulnerability exists because the web-management interface and certain HTTP-based APIs do not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to access sensitive files on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el subsistema API y en la interfaz de administraci\u00f3n web de Cisco Network Services Orchestrator (NSO) podr\u00eda permitir que un atacante remoto no autenticado acceda a datos confidenciales. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n web y ciertas API basadas en HTTP no validan correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada que contenga secuencias de caracteres de directory traversal a un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante acceder a archivos confidenciales en el sistema afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-12xx/CVE-2021-1232.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1232",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:08.567",
"lastModified": "2024-11-18T16:15:08.567",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of an affected system.\r\nThis vulnerability is due to insufficient access control for sensitive information that is written to an affected system. An attacker could exploit this vulnerability by accessing sensitive information that they are not authorized to access on an affected system. A successful exploit could allow the attacker to gain access to devices and other network management systems that they should not have access to.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante remoto autenticado lea archivos arbitrarios en el sistema de archivos subyacente de un sistema afectado. Esta vulnerabilidad se debe a un control de acceso insuficiente para la informaci\u00f3n confidencial que se escribe en un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad al acceder a informaci\u00f3n confidencial a la que no est\u00e1 autorizado a acceder en un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener acceso a dispositivos y otros sistemas de administraci\u00f3n de red a los que no deber\u00eda tener acceso. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-12xx/CVE-2021-1234.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1234",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:08.813",
"lastModified": "2024-11-18T16:15:08.813",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the vManage software must be in cluster mode.\r\nThis vulnerability is due to the absence of authentication for sensitive information in the cluster management interface. An attacker could exploit this vulnerability by sending a crafted request to the cluster management interface of an affected system. A successful exploit could allow the attacker to view sensitive information on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n de cl\u00fasteres de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante remoto no autenticado vea informaci\u00f3n confidencial en un sistema afectado. Para verse afectado por esta vulnerabilidad, el software vManage debe estar en modo de cl\u00faster. Esta vulnerabilidad se debe a la ausencia de autenticaci\u00f3n para informaci\u00f3n confidencial en la interfaz de administraci\u00f3n de cl\u00fasteres. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud dise\u00f1ada a la interfaz de administraci\u00f3n de cl\u00fasteres de un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante vea informaci\u00f3n confidencial en el sistema afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-12xx/CVE-2021-1285.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1285",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:09.087",
"lastModified": "2024-11-18T16:15:09.087",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple Cisco products are affected by a vulnerability in the Ethernet Frame Decoder of the Snort detection engine that could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.\r\nThe vulnerability is due to improper handling of error conditions when processing Ethernet frames. An attacker could exploit this vulnerability by sending malicious Ethernet frames through an affected device. A successful exploit could allow the attacker to exhaust disk space on the affected device, which could result in administrators being unable to log in to the device or the device being unable to boot up correctly.Note: Manual intervention is required to recover from this situation. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Varios productos de Cisco se ven afectados por una vulnerabilidad en el decodificador de tramas Ethernet del motor de detecci\u00f3n Snort que podr\u00eda permitir que un atacante adyacente no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a un manejo inadecuado de las condiciones de error al procesar tramas Ethernet. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tramas Ethernet maliciosas a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante agote el espacio en disco en el dispositivo afectado, lo que podr\u00eda provocar que los administradores no puedan iniciar sesi\u00f3n en el dispositivo o que el dispositivo no pueda iniciarse correctamente. Nota: Se requiere intervenci\u00f3n manual para recuperarse de esta situaci\u00f3n. Se recomienda a los clientes que se comuniquen con el Centro de asistencia t\u00e9cnica (TAC) de Cisco para obtener ayuda para recuperar un dispositivo en esta condici\u00f3n. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-13xx/CVE-2021-1379.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1379",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:09.310",
"lastModified": "2024-11-18T16:15:09.310",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone.\r\nThese vulnerabilities are due to missing checks when the IP phone processes a Cisco Discovery Protocol or LLDP packet. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted IP phone. A successful exploit could allow the attacker to execute code on the affected IP phone or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition.Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
},
{
"lang": "es",
"value": "Varias vulnerabilidades en las implementaciones de Cisco Discovery Protocol y Link Layer Discovery Protocol (LLDP) para los tel\u00e9fonos IP de Cisco de las series 68xx/78xx/88xx podr\u00edan permitir que un atacante adyacente no autenticado ejecute c\u00f3digo de forma remota o provoque una recarga de un tel\u00e9fono IP afectado. Estas vulnerabilidades se deben a la falta de comprobaciones cuando el tel\u00e9fono IP procesa un paquete Cisco Discovery Protocol o LLDP. Un atacante podr\u00eda explotar estas vulnerabilidades enviando un paquete Cisco Discovery Protocol o LLDP malicioso al tel\u00e9fono IP de destino. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo en el tel\u00e9fono IP afectado o hacer que se recargue inesperadamente, lo que resultar\u00eda en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Nota: Cisco Discovery Protocol es un protocolo de capa 2. Para explotar estas vulnerabilidades, un atacante debe estar en el mismo dominio de difusi\u00f3n que el dispositivo afectado (adyacente a la capa 2). Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1410.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1410",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:09.553",
"lastModified": "2024-11-18T16:15:09.553",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization.\r\nThe vulnerability is due to insufficient authorization enforcement for requests to update distribution lists. An attacker could exploit this vulnerability by sending a crafted request to the Webex Meetings interface to modify an existing distribution list. A successful exploit could allow the attacker to modify a distribution list that belongs to a user other than themselves.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de lista de distribuci\u00f3n de Cisco Webex Meetings podr\u00eda permitir que un atacante remoto autenticado modifique una lista de distribuci\u00f3n que pertenece a otro usuario de su organizaci\u00f3n. La vulnerabilidad se debe a una aplicaci\u00f3n insuficiente de la autorizaci\u00f3n para las solicitudes de actualizaci\u00f3n de listas de distribuci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud manipulada a la interfaz de Webex Meetings para modificar una lista de distribuci\u00f3n existente. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante modificar una lista de distribuci\u00f3n que pertenece a un usuario que no sea \u00e9l mismo. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1424.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1424",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:09.823",
"lastModified": "2024-11-18T16:15:09.823",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:15:10.423",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.\r\nThis vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. An attacker could exploit this vulnerability by sending specifically malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to cause the ipsecmgr process to restart, which would disrupt ongoing IKE negotiations and result in a temporary DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el proceso ipsecmgr del software Cisco ASR 5000 Series (StarOS) podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los paquetes entrantes de Internet Key Exchange versi\u00f3n 2 (IKEv2). Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes IKEv2 espec\u00edficamente malformados a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el proceso ipsecmgr se reinicie, lo que interrumpir\u00eda las negociaciones IKE en curso y dar\u00eda como resultado una condici\u00f3n de DoS temporal. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1425.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1425",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:10.180",
"lastModified": "2024-11-18T16:15:10.180",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device.\r\nThe vulnerability exists because confidential information is being included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco AsyncOS Software para Cisco Content Security Management Appliance (SMA) podr\u00eda permitir que un atacante remoto autenticado acceda a informaci\u00f3n confidencial en un dispositivo afectado. La vulnerabilidad existe porque se incluye informaci\u00f3n confidencial en las solicitudes HTTP que se intercambian entre el usuario y el dispositivo. Un atacante podr\u00eda aprovechar esta vulnerabilidad al observar las solicitudes HTTP sin procesar que se env\u00edan a la interfaz. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener algunas de las contrase\u00f1as que se configuran en toda la interfaz. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1440.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1440",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:10.400",
"lastModified": "2024-11-18T16:15:10.400",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condition.\r\nThis vulnerability is due to the incorrect handling of a specific RPKI to Router (RTR) Protocol packet header. An attacker could exploit this vulnerability by compromising the RPKI validator server and sending a specifically crafted RTR packet to an affected device. Alternatively, the attacker could use man-in-the-middle techniques to impersonate the RPKI validator server and send a specifically crafted RTR response packet over the established RTR TCP connection to the affected device. A successful exploit could allow the attacker to cause a DoS condition because the BGP process could constantly restart and BGP routing could become unstable.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is part of the September 2021 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see ."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de la caracter\u00edstica Resource Public Key Infrastructure (RPKI) del software Cisco IOS XR podr\u00eda permitir que un atacante remoto no autenticado provoque el bloqueo del proceso del protocolo de puerta de enlace fronteriza (BGP), lo que dar\u00eda lugar a una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe al manejo incorrecto de un encabezado de paquete espec\u00edfico del protocolo RPKI a enrutador (RTR). Un atacante podr\u00eda aprovechar esta vulnerabilidad comprometiendo el servidor validador de RPKI y enviando un paquete RTR espec\u00edficamente manipulado a un dispositivo afectado. Como alternativa, el atacante podr\u00eda utilizar t\u00e9cnicas de intermediario para hacerse pasar por el servidor validador de RPKI y enviar un paquete de respuesta RTR espec\u00edficamente manipulado a trav\u00e9s de la conexi\u00f3n TCP RTR establecida al dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante provocar una condici\u00f3n de DoS porque el proceso BGP podr\u00eda reiniciarse constantemente y el enrutamiento BGP podr\u00eda volverse inestable. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que aborden esta vulnerabilidad. Este aviso es parte de la publicaci\u00f3n de septiembre de 2021 del paquete de avisos de seguridad del software Cisco IOS XR. Para obtener una lista completa de los avisos y los enlaces a ellos, consulte ."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1444.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1444",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:10.627",
"lastModified": "2024-11-18T16:15:10.627",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.\r\nThis vulnerability is due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see ."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de servicios web del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado realice ataques de cross-site scripting (XSS) contra un usuario de la interfaz. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de servicios web de un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo creado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o permitirle acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. Este aviso es parte de la versi\u00f3n de octubre de 2021 de la publicaci\u00f3n Cisco ASA, FTD y FMC Security Advisory Bundled. Para obtener una lista completa de los avisos y los v\u00ednculos a ellos, consulte."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1461.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1461",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:10.850",
"lastModified": "2024-11-18T16:15:10.850",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Image Signature Verification feature of Cisco SD-WAN Software could allow an authenticated, remote attacker with Administrator-level credentials to install a malicious software patch on an affected device.\r\nThe vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.Cisco has released software updates that address the vulnerability described in this advisory. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de verificaci\u00f3n de firma de imagen del software Cisco SD-WAN podr\u00eda permitir que un atacante remoto autenticado con credenciales de nivel de administrador instale un parche de software malicioso en un dispositivo afectado. La vulnerabilidad se debe a una verificaci\u00f3n incorrecta de las firmas digitales para las im\u00e1genes de parches. Un atacante podr\u00eda aprovechar esta vulnerabilidad creando un parche de software sin firmar para eludir las comprobaciones de firmas y cargarlo en un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante iniciar una imagen de parche de software malicioso. Cisco ha publicado actualizaciones de software que solucionan la vulnerabilidad descrita en este aviso. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1462.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1462",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:11.087",
"lastModified": "2024-11-18T16:15:11.087",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to elevate privileges on an affected system. To exploit this vulnerability, an attacker would need to have a valid Administrator account on an affected system.\r\nThe vulnerability is due to incorrect privilege assignment. An attacker could exploit this vulnerability by logging in to an affected system with an Administrator account and creating a malicious file, which the system would parse at a later time. A successful exploit could allow the attacker to obtain root privileges on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del software Cisco SD-WAN vManage podr\u00eda permitir que un atacante local autenticado eleve los privilegios en un sistema afectado. Para explotar esta vulnerabilidad, un atacante necesitar\u00eda tener una cuenta de administrador v\u00e1lida en un sistema afectado. La vulnerabilidad se debe a una asignaci\u00f3n incorrecta de privilegios. Un atacante podr\u00eda explotar esta vulnerabilidad iniciando sesi\u00f3n en un sistema afectado con una cuenta de administrador y creando un archivo malicioso, que el sistema analizar\u00eda m\u00e1s adelante. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante obtenga privilegios de superusuario en el sistema afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1464.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1464",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:07.350",
"lastModified": "2024-11-15T17:15:07.350",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization checking and gain restricted access to the configuration information of an affected system.\r\nThis vulnerability exists because the affected software has insufficient input validation for certain commands. An attacker could exploit this vulnerability by sending crafted requests to the affected commands of an affected system. A successful exploit could allow the attacker to bypass authorization checking and gain restricted access to the configuration data of the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el software Cisco SD-WAN vManage podr\u00eda permitir que un atacante remoto autenticado eluda la verificaci\u00f3n de autorizaci\u00f3n y obtenga acceso restringido a la informaci\u00f3n de configuraci\u00f3n de un sistema afectado. Esta vulnerabilidad existe porque el software afectado no tiene suficiente validaci\u00f3n de entrada para determinados comandos. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes manipuladas a los comandos afectados de un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante eluda la verificaci\u00f3n de autorizaci\u00f3n y obtenga acceso restringido a los datos de configuraci\u00f3n del sistema afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1465.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1465",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-18T16:15:11.350",
"lastModified": "2024-11-18T16:15:11.350",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a directory traversal attack and obtain read access to sensitive files on an affected system.\r\n The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to write arbitrary files on the affected system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco SD-WAN vManage podr\u00eda permitir que un atacante remoto autenticado realice un ataque de directory traversal y obtenga acceso de lectura a archivos confidenciales en un sistema afectado. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de las solicitudes HTTP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada que contenga secuencias de caracteres de directory traversal a un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante escribir archivos arbitrarios en el sistema afectado."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1466.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1466",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:07.670",
"lastModified": "2024-11-15T17:15:07.670",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the vDaemon service of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to cause a buffer overflow on an affected system, resulting in a denial of service (DoS) condition.\r\nThe vulnerability is due to incomplete bounds checks for data that is provided to the vDaemon service of an affected system. An attacker could exploit this vulnerability by sending malicious data to the vDaemon listening service on the affected system. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could allow the attacker to cause the vDaemon listening service to reload and result in a DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el servicio vDaemon de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante local autenticado provoque un desbordamiento de b\u00fafer en un sistema afectado, lo que dar\u00eda como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a comprobaciones de los l\u00edmites incompletas para los datos que se proporcionan al servicio vDaemon de un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando datos maliciosos al servicio de escucha vDaemon en el sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque una condici\u00f3n de desbordamiento de b\u00fafer en el sistema afectado, lo que podr\u00eda permitirle al atacante hacer que el servicio de escucha vDaemon se vuelva a cargar y genere una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1470.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1470",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:07.977",
"lastModified": "2024-11-15T17:35:11.340",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.\r\nThis vulnerability is due to improper input validation of SQL queries to an affected system. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on or return values from the vManage database or the underlying operating system.Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante remoto autenticado realice ataques de inyecci\u00f3n SQL en un sistema afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada incorrecta de consultas SQL en un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad autentic\u00e1ndose en la aplicaci\u00f3n y enviando consultas SQL maliciosas a un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante modificar valores o devolver valores de la base de datos de vManage o del sistema operativo subyacente. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1481.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1481",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:08.277",
"lastModified": "2024-11-15T17:15:08.277",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system.\r\nThis vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the interface of an affected system. A successful exploit could allow the attacker to obtain sensitive information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante remoto autenticado realice ataques de inyecci\u00f3n de lenguaje de consulta Cypher en un sistema afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a la interfaz de un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener informaci\u00f3n confidencial. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1482.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1482",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:08.530",
"lastModified": "2024-11-15T17:15:08.530",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization checking and gain access to sensitive information on an affected system.\r\nThis vulnerability is due to insufficient authorization checks. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to bypass authorization checking and gain access to sensitive information on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante remoto autenticado eluda la verificaci\u00f3n de autorizaci\u00f3n y obtenga acceso a informaci\u00f3n confidencial en un sistema afectado. Esta vulnerabilidad se debe a verificaciones de autorizaci\u00f3n insuficientes. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a la interfaz de administraci\u00f3n basada en web de un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante eluda la verificaci\u00f3n de autorizaci\u00f3n y obtenga acceso a informaci\u00f3n confidencial en el sistema afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1483.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1483",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:08.760",
"lastModified": "2024-11-15T17:15:08.760",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system.\r\nThis vulnerability is due to improper handling of XML External Entity (XXE) entries when the affected software parses certain XML files. An attacker could exploit this vulnerability by persuading a user to import a crafted XML file with malicious entries. A successful exploit could allow the attacker to read and write files within the affected application.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de usuario web del software Cisco SD-WAN vManage podr\u00eda permitir que un atacante remoto autenticado obtenga acceso de lectura y escritura a la informaci\u00f3n almacenada en un sistema afectado. Esta vulnerabilidad se debe a un manejo inadecuado de las entradas de entidad externa XML (XXE) cuando el software afectado analiza determinados archivos XML. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario para que importe un archivo XML creado con entradas maliciosas. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante leer y escribir archivos dentro de la aplicaci\u00f3n afectada. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1484.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1484",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:08.983",
"lastModified": "2024-11-15T17:15:08.983",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to inject arbitrary commands on an affected system and cause a denial of service (DoS) condition.\r\nThis vulnerability is due to improper input validation of user-supplied input to the device template configuration. An attacker could exploit this vulnerability by submitting crafted input to the device template configuration. A successful exploit could allow the attacker to cause a DoS condition on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de usuario web de Cisco SD-WAN vManage Software podr\u00eda permitir que un atacante remoto autenticado inyecte comandos arbitrarios en un sistema afectado y provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario a la configuraci\u00f3n de la plantilla del dispositivo. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una entrada dise\u00f1ada a la configuraci\u00f3n de la plantilla del dispositivo. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque una condici\u00f3n de denegaci\u00f3n de servicio en el sistema afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1491.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1491",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:09.220",
"lastModified": "2024-11-15T17:15:09.220",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying file system of the device.\r\nThis vulnerability is due to insufficient file scope limiting. An attacker could exploit this vulnerability by creating a specific file reference on the file system and then accessing it through the web-based management interface. A successful exploit could allow the attacker to read arbitrary files from the file system of the underlying operating system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web del software Cisco SD-WAN vManage podr\u00eda permitir que un atacante remoto autenticado lea archivos arbitrarios en el sistema de archivos subyacente del dispositivo. Esta vulnerabilidad se debe a una limitaci\u00f3n insuficiente del alcance de los archivos. Un atacante podr\u00eda aprovechar esta vulnerabilidad creando una referencia de archivo espec\u00edfica en el sistema de archivos y luego accediendo a ella a trav\u00e9s de la interfaz de administraci\u00f3n basada en web. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante lea archivos arbitrarios del sistema de archivos del sistema operativo subyacente. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-14xx/CVE-2021-1494.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-1494",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:09.423",
"lastModified": "2024-11-15T17:15:09.423",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP.\r\n The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload."
},
{
"lang": "es",
"value": "Varios productos de Cisco se ven afectados por una vulnerabilidad en el motor de detecci\u00f3n Snort que podr\u00eda permitir que un atacante remoto no autenticado eluda una pol\u00edtica de archivos configurada para HTTP. La vulnerabilidad se debe a un manejo incorrecto de par\u00e1metros de encabezado HTTP espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes HTTP manipulado a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante eludir una pol\u00edtica de archivos configurada para paquetes HTTP y entregar una carga maliciosa."
}
],
"metrics": {

8
CVE-2021/CVE-2021-347xx/CVE-2021-34750.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-34750",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:09.657",
"lastModified": "2024-11-15T17:15:09.657",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center Software could allow an authenticated, remote attacker to access sensitive configuration information. The attacker would require low privilege credentials on an affected device.\r\nThis vulnerability is due to lack of proper encryption of sensitive information stored within the GUI configuration manager. An attacker could exploit this vulnerability by logging into the FMC GUI and navigating to certain sensitive configurations. A successful exploit could allow the attacker to view sensitive configuration parameters in clear text.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.[[Publication_URL{Layout()}]]This advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see ."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el administrador de configuraci\u00f3n de la interfaz gr\u00e1fica de usuario (GUI) administrativa basada en la web del software Cisco Firepower Management Center podr\u00eda permitir que un atacante remoto autenticado acceda a informaci\u00f3n de configuraci\u00f3n confidencial. El atacante necesitar\u00eda credenciales con pocos privilegios en un dispositivo afectado. Esta vulnerabilidad se debe a la falta de cifrado adecuado de la informaci\u00f3n confidencial almacenada en el administrador de configuraci\u00f3n de la interfaz gr\u00e1fica de usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad iniciando sesi\u00f3n en la interfaz gr\u00e1fica de usuario de FMC y navegando a determinadas configuraciones confidenciales. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver par\u00e1metros de configuraci\u00f3n confidenciales en texto plano. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. [[Publication_URL{Layout()}]] Este aviso es parte de la versi\u00f3n de octubre de 2021 de la publicaci\u00f3n Cisco ASA, FTD y FMC Security Advisory Bundled. Para obtener una lista completa de los avisos y los v\u00ednculos a ellos, consulte ."
}
],
"metrics": {

8
CVE-2021/CVE-2021-347xx/CVE-2021-34751.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-34751",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:09.883",
"lastModified": "2024-11-15T17:15:09.883",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to access sensitive configuration information. The attacker would require low privilege credentials on an affected device.\r\nThis vulnerability exists because of improper encryption of sensitive information stored within the GUI configuration manager. An attacker could exploit this vulnerability by logging into the GUI of Cisco FMC Software and navigating to certain sensitive configurations. A successful exploit could allow the attacker to view sensitive configuration parameters in clear text.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.[[Publication_URL{Layout()}]]This advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see . "
},
{
"lang": "es",
"value": "Una vulnerabilidad en el administrador de configuraci\u00f3n de la interfaz gr\u00e1fica de usuario (GUI) administrativa basada en la Web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado acceda a informaci\u00f3n de configuraci\u00f3n confidencial. El atacante requerir\u00eda credenciales con pocos privilegios en un dispositivo afectado. Esta vulnerabilidad existe debido al cifrado incorrecto de la informaci\u00f3n confidencial almacenada en el administrador de configuraci\u00f3n de la interfaz gr\u00e1fica de usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad iniciando sesi\u00f3n en la interfaz gr\u00e1fica de usuario del software Cisco FMC y navegando a determinadas configuraciones confidenciales. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver par\u00e1metros de configuraci\u00f3n confidenciales en texto plano. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. [[Publication_URL{Layout()}]] Este aviso es parte de la versi\u00f3n de octubre de 2021 de la publicaci\u00f3n Cisco ASA, FTD y FMC Security Advisory Bundled. Para obtener una lista completa de los avisos y los v\u00ednculos a ellos, consulte . "
}
],
"metrics": {

8
CVE-2021/CVE-2021-347xx/CVE-2021-34752.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-34752",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:10.097",
"lastModified": "2024-11-15T17:15:10.097",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco FTD Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands with root privileges on the underlying operating system of an affected device. \r\n\r\nThis vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected commands. A successful exploit could allow the attacker to execute commands with root privileges on the underlying operating system.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de Cisco FTD Software podr\u00eda permitir que un atacante local autenticado con privilegios administrativos ejecute comandos arbitrarios con privilegios de superusuario en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos de los comandos proporcionados por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una entrada dise\u00f1ada a los comandos afectados. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante ejecute comandos con privilegios de superusuario en el sistema operativo subyacente. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2021/CVE-2021-347xx/CVE-2021-34753.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-34753",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:10.303",
"lastModified": "2024-11-15T17:15:10.303",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic.\r\n\r\nThis vulnerability is due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit this vulnerability by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass configured access control and intrusion policies that should trigger and drop for the ENIP packet."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la inspecci\u00f3n de payload del tr\u00e1fico del Protocolo industrial Ethernet (ENIP) para el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado eluda las reglas configuradas para el tr\u00e1fico ENIP. Esta vulnerabilidad se debe a un procesamiento incompleto durante la inspecci\u00f3n profunda de paquetes de ENIP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete ENIP manipulado a la interfaz de destino. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante eludir las pol\u00edticas de intrusi\u00f3n y control de acceso configuradas que deber\u00edan activarse y descartarse para el paquete ENIP."
}
],
"metrics": {

8
CVE-2022/CVE-2022-206xx/CVE-2022-20626.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20626",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:19.287",
"lastModified": "2024-11-15T16:15:19.287",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Prime Access Registrar Appliance could allow an authenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. The attacker would require valid credentials for the device.\r\nThis vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Prime Access Registrar Appliance podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross site scripting contra un usuario de la interfaz. El atacante necesitar\u00eda credenciales v\u00e1lidas para el dispositivo. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo manipulado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2022/CVE-2022-206xx/CVE-2022-20631.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20631",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:19.527",
"lastModified": "2024-11-15T16:15:19.527",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device.\r\nThe vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious script code in a chat window. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en la web de Cisco ECE podr\u00eda permitir que un atacante remoto no autenticado realice un ataque XSS contra un usuario de la interfaz de un dispositivo afectado. La vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en la web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad insertando c\u00f3digo de script malicioso en una ventana de chat. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz o permitirle acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. "
}
],
"metrics": {

8
CVE-2022/CVE-2022-206xx/CVE-2022-20632.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20632",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:10.583",
"lastModified": "2024-11-15T17:15:10.583",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device.\r\nThe vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco ECE podr\u00eda permitir que un atacante remoto no autenticado realice un ataque XSS contra un usuario de la interfaz de un dispositivo afectado. La vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo creado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz o permitirle acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2022/CVE-2022-206xx/CVE-2022-20633.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20633",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T17:15:10.820",
"lastModified": "2024-11-15T17:15:10.820",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to perform a username enumeration attack against an affected device.\r\n\r\nThis vulnerability is due to differences in authentication responses that are sent back from the application as part of an authentication attempt. An attacker could exploit this vulnerability by sending authentication requests to an affected device. A successful exploit could allow the attacker to confirm existing user accounts, which could be used in further attacks.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco ECE podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de enumeraci\u00f3n de nombres de usuario contra un dispositivo afectado. Esta vulnerabilidad se debe a diferencias en las respuestas de autenticaci\u00f3n que se env\u00edan desde la aplicaci\u00f3n como parte de un intento de autenticaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes de autenticaci\u00f3n a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante confirmar cuentas de usuario existentes, que podr\u00edan usarse en ataques posteriores. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2022/CVE-2022-206xx/CVE-2022-20634.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20634",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:19.747",
"lastModified": "2024-11-15T16:15:19.747",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to redirect a user to an undesired web page.\r\nThis vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to cause the interface to redirect the user to a specific, malicious URL. This type of vulnerability is known as an open redirect and is used in phishing attacks that get users to unknowingly visit malicious sites.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco ECE podr\u00eda permitir que un atacante remoto no autenticado redirija a un usuario a una p\u00e1gina web no deseada. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada incorrecta de los par\u00e1metros de URL en una solicitud HTTP que se env\u00eda a un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo manipulada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que la interfaz redirija al usuario a una URL espec\u00edfica y maliciosa. Este tipo de vulnerabilidad se conoce como redirecci\u00f3n abierta y se utiliza en ataques de phishing que hacen que los usuarios visiten sitios maliciosos sin saberlo. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2022/CVE-2022-206xx/CVE-2022-20648.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20648",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:19.983",
"lastModified": "2024-11-15T16:15:19.983",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in a debug function for Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform debug actions that could result in the disclosure of confidential information that should be restricted.\r\nThis vulnerability exists because of a debug service that incorrectly listens to and accepts incoming connections. An attacker could exploit this vulnerability by connecting to the debug port and executing debug commands. A successful exploit could allow the attacker to view sensitive debugging information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en una funci\u00f3n de depuraci\u00f3n de Cisco RCM para Cisco StarOS Software podr\u00eda permitir que un atacante remoto no autenticado realice acciones de depuraci\u00f3n que podr\u00edan dar como resultado la divulgaci\u00f3n de informaci\u00f3n confidencial que deber\u00eda estar restringida. Esta vulnerabilidad existe debido a un servicio de depuraci\u00f3n que escucha y acepta incorrectamente las conexiones entrantes. Un atacante podr\u00eda aprovechar esta vulnerabilidad conect\u00e1ndose al puerto de depuraci\u00f3n y ejecutando comandos de depuraci\u00f3n. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver informaci\u00f3n de depuraci\u00f3n confidencial. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2022/CVE-2022-206xx/CVE-2022-20649.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20649",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:20.247",
"lastModified": "2024-11-15T16:15:20.247",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform remote code execution on the application with root-level privileges in the context of the configured container.\r\n\r\nThis vulnerability exists because the debug mode is incorrectly enabled for specific services. An attacker could exploit this vulnerability by connecting to the device and navigating to the service with debug mode enabled. A successful exploit could allow the attacker to execute arbitrary commands as the root user.\r\nThe attacker would need to perform detailed reconnaissance to allow for unauthenticated access. The vulnerability can also be exploited by an authenticated attacker.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco RCM para Cisco StarOS Software podr\u00eda permitir que un atacante remoto no autenticado ejecute c\u00f3digo remoto en la aplicaci\u00f3n con privilegios de nivel superusuario en el contexto del contenedor configurado. Esta vulnerabilidad existe porque el modo de depuraci\u00f3n est\u00e1 habilitado incorrectamente para servicios espec\u00edficos. Un atacante podr\u00eda aprovechar esta vulnerabilidad conect\u00e1ndose al dispositivo y navegando al servicio con el modo de depuraci\u00f3n habilitado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios como usuario superusuario. El atacante tendr\u00eda que realizar un reconocimiento detallado para permitir el acceso no autenticado. La vulnerabilidad tambi\u00e9n puede ser explotada por un atacante autenticado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2022/CVE-2022-206xx/CVE-2022-20652.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20652",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:20.520",
"lastModified": "2024-11-15T16:15:20.520",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface and in the API subsystem of Cisco Tetration could allow an authenticated, remote attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system.\r\nThis vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting a crafted HTTP message to the affected system. A successful exploit could allow the attacker to execute commands with root-level privileges. To exploit this vulnerability, an attacker would need valid administrator-level credentials.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web y en el subsistema API de Cisco Tetration podr\u00eda permitir que un atacante remoto autenticado inyecte comandos arbitrarios para que se ejecuten con privilegios de nivel ra\u00edz en el sistema operativo subyacente. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un mensaje HTTP manipulado al sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos con privilegios de nivel superusuario. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda credenciales de nivel de administrador v\u00e1lidas. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2022/CVE-2022-206xx/CVE-2022-20654.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20654",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:20.767",
"lastModified": "2024-11-15T16:15:20.767",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface.\r\nThis vulnerability is due to insufficient validation of user-supplied input by the web-based interface of Cisco Webex Meetings. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz basada en web de Cisco Webex Meetings podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross site scripting (XSS) contra un usuario de la interfaz basada en web. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por la interfaz basada en web de Cisco Webex Meetings. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo manipulado con fines malintencionados. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2022/CVE-2022-206xx/CVE-2022-20655.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20655",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:20.987",
"lastModified": "2024-11-15T16:15:20.987",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack.\r\n The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of this process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privilege level of ConfD, which is commonly root."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de la CLI en un dispositivo que ejecuta ConfD podr\u00eda permitir que un atacante local autenticado realice un ataque de inyecci\u00f3n de comandos. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de un argumento de proceso en un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad inyectando comandos durante la ejecuci\u00f3n de este proceso. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con el nivel de privilegio de ConfD, que normalmente es superusuario."
}
],
"metrics": {

8
CVE-2022/CVE-2022-206xx/CVE-2022-20656.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20656",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:21.237",
"lastModified": "2024-11-15T16:15:21.237",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the system.\r\n\r\nThis vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to write arbitrary files to the host system.\r\nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco PI y Cisco EPNM podr\u00eda permitir que un atacante remoto autenticado realice un ataque de path traversal en un dispositivo afectado. Para aprovechar esta vulnerabilidad, el atacante debe tener credenciales v\u00e1lidas en el sistema. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de la URL HTTPS por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud manipulada que contenga secuencias de caracteres de directory traversal a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante escribir archivos arbitrarios en el sistema host. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades."
}
],
"metrics": {

8
CVE-2022/CVE-2022-206xx/CVE-2022-20657.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20657",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:21.473",
"lastModified": "2024-11-15T16:15:21.473",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device.\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco PI y Cisco EPNM podr\u00eda permitir que un atacante remoto no autenticado realice un ataque XSS contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de una interfaz afectada para que haga clic en un v\u00ednculo manipulado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades."
}
],
"metrics": {

8
CVE-2022/CVE-2022-206xx/CVE-2022-20663.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20663",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:21.693",
"lastModified": "2024-11-15T16:15:21.693",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\nThe vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.Attention: Simplifying the Cisco portfolio includes the renaming of security products under one brand: Cisco Secure. For more information, see ."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Secure Network Analytics, anteriormente Stealthwatch Enterprise, podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross site scripting (XSS) contra un usuario de la interfaz. La vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por parte de la interfaz de administraci\u00f3n basada en web del software afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario para que haga clic en un v\u00ednculo manipulado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. Atenci\u00f3n: la simplificaci\u00f3n de la cartera de Cisco incluye el cambio de nombre de los productos de seguridad bajo una sola marca: Cisco Secure. Para obtener m\u00e1s informaci\u00f3n, consulte."
}
],
"metrics": {

8
CVE-2022/CVE-2022-206xx/CVE-2022-20685.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20685",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:21.910",
"lastModified": "2024-11-15T16:15:21.910",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\nThis vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el preprocesador Modbus del motor de detecci\u00f3n Snort podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un desbordamiento de enteros durante el procesamiento del tr\u00e1fico Modbus. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico Modbus manipulado a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque que el proceso Snort se bloquee, lo que provocar\u00eda que se detenga la inspecci\u00f3n del tr\u00e1fico. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2022/CVE-2022-207xx/CVE-2022-20766.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20766",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:22.133",
"lastModified": "2024-11-15T16:15:22.133",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\nThis vulnerability is due to an out-of-bounds read when processing Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to cause a service restart.Cisco has released firmware updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Cisco Discovery Protocol del firmware del adaptador telef\u00f3nico adaptable Cisco ATA 190 Series podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. Esta vulnerabilidad se debe a una lectura fuera de los l\u00edmites al procesar paquetes Cisco Discovery Protocol. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes Cisco Discovery Protocol manipulados a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque un reinicio del servicio. Cisco ha publicado actualizaciones de firmware que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2022/CVE-2022-207xx/CVE-2022-20793.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20793",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:22.370",
"lastModified": "2024-11-15T16:15:22.370",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device.\r\nThis vulnerability is due to insufficient identity verification. An attacker could exploit this vulnerability by impersonating a legitimate device and responding to the pairing broadcast from an affected device. A successful exploit could allow the attacker to access the affected device while impersonating a legitimate device.There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el proceso de emparejamiento del software Cisco TelePresence CE y el software RoomOS para dispositivos Cisco Touch 10 podr\u00eda permitir que un atacante remoto no autenticado se haga pasar por un dispositivo leg\u00edtimo y se empareje con un dispositivo afectado. Esta vulnerabilidad se debe a una verificaci\u00f3n de identidad insuficiente. Un atacante podr\u00eda aprovechar esta vulnerabilidad haci\u00e9ndose pasar por un dispositivo leg\u00edtimo y respondiendo a la transmisi\u00f3n de emparejamiento de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante acceder al dispositivo afectado mientras se hace pasar por un dispositivo leg\u00edtimo. No existen workarounds que aborden esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2022/CVE-2022-208xx/CVE-2022-20814.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20814",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:22.670",
"lastModified": "2024-11-15T22:15:14.747",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data.  The vulnerability is due to a lack of validation of the SSL server certificate that an affected device receives when it establishes a connection to a Cisco Unified Communications Manager device. An attacker could exploit this vulnerability by using a man-in-the-middle technique to intercept the traffic between the devices, and then using a self-signed certificate to impersonate the endpoint. A successful exploit could allow the attacker to view the intercepted traffic in clear text or alter the contents of the traffic.\r\nNote: Cisco Expressway-E is not affected by this vulnerability.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la validaci\u00f3n de certificados de Cisco Expressway-C y Cisco TelePresence VCS podr\u00eda permitir que un atacante remoto no autenticado obtenga acceso no autorizado a datos confidenciales. La vulnerabilidad se debe a la falta de validaci\u00f3n del certificado de servidor SSL que recibe un dispositivo afectado cuando establece una conexi\u00f3n con un dispositivo Cisco Unified Communications Manager. Un atacante podr\u00eda aprovechar esta vulnerabilidad utilizando una t\u00e9cnica de intermediario para interceptar el tr\u00e1fico entre los dispositivos y, a continuaci\u00f3n, utilizando un certificado autofirmado para hacerse pasar por el punto final. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver el tr\u00e1fico interceptado en texto plano o alterar el contenido del tr\u00e1fico. Nota: Cisco Expressway-E no se ve afectado por esta vulnerabilidad. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. "
}
],
"metrics": {

8
CVE-2022/CVE-2022-208xx/CVE-2022-20845.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20845",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:22.913",
"lastModified": "2024-11-15T16:15:22.913",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the TL1 function of Cisco Network Convergence System (NCS) 4000 Series could allow an authenticated, local attacker to cause a memory leak in the TL1 process.\r\nThis vulnerability is due to TL1 not freeing memory under some conditions. An attacker could exploit this vulnerability by connecting to the device and issuing TL1 commands after being authenticated. A successful exploit could allow the attacker to cause the TL1 process to consume large amounts of memory. When the memory reaches a threshold, the Resource Monitor (Resmon) process will begin to restart or shutdown the top five consumers of memory, resulting in a denial of service (DoS).Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is part of the September 2022 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see ."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n TL1 de Cisco Network Convergence System (NCS) serie 4000 podr\u00eda permitir que un atacante local autenticado provoque una p\u00e9rdida de memoria en el proceso TL1. Esta vulnerabilidad se debe a que TL1 no libera memoria en determinadas condiciones. Un atacante podr\u00eda aprovechar esta vulnerabilidad conect\u00e1ndose al dispositivo y emitiendo comandos TL1 despu\u00e9s de ser autenticado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el proceso TL1 consuma grandes cantidades de memoria. Cuando la memoria alcanza un umbral, el proceso Resource Monitor (Resmon) comenzar\u00e1 a reiniciar o apagar los cinco principales consumidores de memoria, lo que provocar\u00e1 una denegaci\u00f3n de servicio (DoS). Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. Este aviso es parte de la versi\u00f3n de septiembre de 2022 de la publicaci\u00f3n agrupada de avisos de seguridad del software Cisco IOS XR. Para obtener una lista completa de los avisos y los v\u00ednculos a ellos, consulte."
}
],
"metrics": {

8
CVE-2022/CVE-2022-208xx/CVE-2022-20846.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20846",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:23.120",
"lastModified": "2024-11-15T17:15:11.147",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the Cisco Discovery Protocol process to reload on an affected device.\r\nThis vulnerability is due to a heap buffer overflow in certain Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a heap overflow, which could cause the Cisco Discovery Protocol process to reload on the device. The bytes that can be written in the buffer overflow are restricted, which limits remote code execution.Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).  Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is part of the September 2022 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see ."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n del protocolo Cisco Discovery para el software Cisco IOS XR podr\u00eda permitir que un atacante adyacente no autenticado haga que el proceso del protocolo Cisco Discovery se vuelva a cargar en un dispositivo afectado. Esta vulnerabilidad se debe a un desbordamiento del b\u00fafer de pila en ciertos mensajes del protocolo Cisco Discovery. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete malicioso del protocolo Cisco Discovery a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque un desbordamiento de pila, lo que podr\u00eda hacer que el proceso del protocolo Cisco Discovery se vuelva a cargar en el dispositivo. Los bytes que se pueden escribir en el desbordamiento del b\u00fafer est\u00e1n restringidos, lo que limita la ejecuci\u00f3n remota de c\u00f3digo. Nota: el protocolo Cisco Discovery es un protocolo de capa 2. Para aprovechar esta vulnerabilidad, un atacante debe estar en el mismo dominio de difusi\u00f3n que el dispositivo afectado (capa 2 adyacente). Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que aborden esta vulnerabilidad. Este aviso es parte de la versi\u00f3n de septiembre de 2022 de la publicaci\u00f3n conjunta de avisos de seguridad del software Cisco IOS XR. Para obtener una lista completa de los avisos y los enlaces a ellos, consulte."
}
],
"metrics": {

8
CVE-2022/CVE-2022-208xx/CVE-2022-20849.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20849",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:23.327",
"lastModified": "2024-11-15T16:15:23.327",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to continually crash.\r\nThis vulnerability exists because the PPPoE feature does not properly handle an error condition within a specific crafted packet sequence. An attacker could exploit this vulnerability by sending a sequence of specific PPPoE packets from controlled customer premises equipment (CPE). A successful exploit could allow the attacker to cause the PPPoE process to continually restart, resulting in a denial of service condition (DoS).Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is part of the September 2022 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see ."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n Broadband Network Gateway PPP over Ethernet (PPPoE) del software Cisco IOS XR podr\u00eda permitir que un atacante adyacente no autenticado provoque que el proceso PPPoE se bloquee continuamente. Esta vulnerabilidad existe porque la funci\u00f3n PPPoE no maneja correctamente una condici\u00f3n de error dentro de una secuencia de paquetes espec\u00edfica manipulada. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una secuencia de paquetes PPPoE espec\u00edficos desde un equipo local del cliente (CPE) controlado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el proceso PPPoE se reinicie continuamente, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. Este aviso es parte de la publicaci\u00f3n de septiembre de 2022 del aviso de seguridad del software Cisco IOS XR. Para obtener una lista completa de los avisos y los enlaces a ellos, consulte."
}
],
"metrics": {

8
CVE-2022/CVE-2022-208xx/CVE-2022-20853.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20853",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:23.540",
"lastModified": "2024-11-15T16:15:23.540",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the REST API of Cisco Expressway Series and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.\r\n\r\nThis vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected system. An attacker could exploit this vulnerability by persuading a user of the REST API to follow a crafted link. A successful exploit could allow the attacker to cause the affected system to reload.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. "
},
{
"lang": "es",
"value": "Una vulnerabilidad en la API REST de Cisco Expressway Series y Cisco TelePresence VCS podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de Cross-Site Request Forgery (CSRF) en un sistema afectado. Esta vulnerabilidad se debe a que no hay suficientes protecciones CSRF para la interfaz de administraci\u00f3n basada en web de un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la API REST para que siga un enlace manipulado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante haga que el sistema afectado se recargue. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2022/CVE-2022-208xx/CVE-2022-20871.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20871",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:23.757",
"lastModified": "2024-11-15T16:15:23.757",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to perform a command injection and elevate privileges to root.\r\nThis vulnerability is due to insufficient validation of user-supplied input for the web interface. An attacker could exploit this vulnerability by authenticating to the system and sending a crafted HTTP packet to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least read-only credentials.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.Attention: Simplifying the Cisco portfolio includes the renaming of security products under one brand: Cisco Secure. For more information, see ."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n web de Cisco AsyncOS para Cisco Secure Web Appliance, anteriormente Cisco Web Security Appliance (WSA), podr\u00eda permitir que un atacante remoto autenticado realice una inyecci\u00f3n de comandos y eleve los privilegios a superusuario. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario para la interfaz web. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose en el sistema y enviando un paquete HTTP dise\u00f1ado al dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente y elevar los privilegios a superusuario. Para explotar con \u00e9xito esta vulnerabilidad, un atacante necesitar\u00eda al menos credenciales de solo lectura. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. Atenci\u00f3n: la simplificaci\u00f3n de la cartera de Cisco incluye el cambio de nombre de los productos de seguridad bajo una sola marca: Cisco Secure. Para obtener m\u00e1s informaci\u00f3n, consulte."
}
],
"metrics": {

8
CVE-2022/CVE-2022-209xx/CVE-2022-20931.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20931",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:23.967",
"lastModified": "2024-11-15T16:15:23.967",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the version control of Cisco TelePresence CE Software for Cisco Touch 10 Devices could allow an unauthenticated, adjacent attacker to install an older version of the software on an affected device.\r\nThis vulnerability is due to insufficient version control. An attacker could exploit this vulnerability by installing an older version of Cisco TelePresence CE Software on an affected device. A successful exploit could allow the attacker to take advantage of vulnerabilities in older versions of the software.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el control de versiones del software Cisco TelePresence CE para dispositivos Cisco Touch 10 podr\u00eda permitir que un atacante adyacente no autenticado instale una versi\u00f3n anterior del software en un dispositivo afectado. Esta vulnerabilidad se debe a un control de versiones insuficiente. Un atacante podr\u00eda aprovechar esta vulnerabilidad instalando una versi\u00f3n anterior del software Cisco TelePresence CE en un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante se aproveche de las vulnerabilidades en versiones anteriores del software. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2022/CVE-2022-209xx/CVE-2022-20939.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20939",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:24.200",
"lastModified": "2024-11-15T16:15:24.200",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system.\r\nThis vulnerability is due to inadequate protection of sensitive user information. An attacker could exploit this vulnerability by accessing certain logs on an affected system. A successful exploit could allow the attacker to use the obtained information to elevate privileges to System Admin.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Smart Software Manager On-Prem podr\u00eda permitir que un atacante remoto autenticado eleve los privilegios en un sistema afectado. Esta vulnerabilidad se debe a una protecci\u00f3n inadecuada de la informaci\u00f3n confidencial del usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad accediendo a determinados registros de un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante use la informaci\u00f3n obtenida para elevar los privilegios a Administrador del sistema. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2022/CVE-2022-209xx/CVE-2022-20948.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2022-20948",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:24.427",
"lastModified": "2024-11-15T16:15:24.427",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web management interface of Cisco BroadWorks Hosted Thin Receptionist could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\nThis vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n web de Cisco BroadWorks Hosted Thin Receptionist podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross site scripting (XSS) contra un usuario de la interfaz. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada de usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo creado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

19
CVE-2022/CVE-2022-264xx/CVE-2022-26494.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26494",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-03-21T15:15:08.313",
"lastModified": "2022-03-28T17:18:35.420",
"vulnStatus": "Analyzed",
"lastModified": "2024-11-18T17:15:10.723",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -96,19 +96,12 @@
],
"references": [
{
"url": "https://doc.primekey.com/signserver",
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
]
"url": "https://docs.keyfactor.com/signserver/",
"source": "cve@mitre.org"
},
{
"url": "https://support.primekey.com/news/posts/signserver-security-advisory-cross-site-scripting-issue-in-admin-web",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
"url": "https://support.keyfactor.com/hc/en-us/articles/15618125602715-Security-Advisory-SignServer-Cross-site-scripting-issue-in-Admin-Web",
"source": "cve@mitre.org"
}
]
}

8
CVE-2023/CVE-2023-06xx/CVE-2023-0657.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-0657",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-11-17T11:15:05.300",
"lastModified": "2024-11-17T11:15:05.300",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en Keycloak. Este problema ocurre debido a la aplicaci\u00f3n incorrecta de tipos de tokens al validar firmas localmente. Esto podr\u00eda permitir que un atacante autenticado intercambie un token de cierre de sesi\u00f3n por un token de acceso y posiblemente obtenga acceso a datos fuera de los permisos aplicados."
}
],
"metrics": {

8
CVE-2023/CVE-2023-14xx/CVE-2023-1419.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-1419",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-11-17T11:15:05.593",
"lastModified": "2024-11-17T11:15:05.593",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthorized data."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de inyecci\u00f3n de scripts en el conector de base de datos de Debezium, donde no se sanean correctamente algunos par\u00e1metros. Esta falla permite que un atacante env\u00ede una solicitud maliciosa para inyectar un par\u00e1metro que puede permitir la visualizaci\u00f3n de datos no autorizados."
}
],
"metrics": {

8
CVE-2023/CVE-2023-200xx/CVE-2023-20004.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-20004",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:24.657",
"lastModified": "2024-11-15T16:15:24.657",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.\r\n\r\nThese vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account.\r\nNote: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices.\r\nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
},
{
"lang": "es",
"value": "Tres vulnerabilidades en la CLI de Cisco TelePresence CE y RoomOS podr\u00edan permitir que un atacante local autenticado sobrescriba archivos arbitrarios en el sistema de archivos local de un dispositivo afectado. Estas vulnerabilidades se deben a controles de acceso inadecuados en los archivos que se encuentran en el sistema de archivos local. Un atacante podr\u00eda explotar estas vulnerabilidades colocando un enlace simb\u00f3lico en una ubicaci\u00f3n espec\u00edfica en el sistema de archivos local de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir archivos arbitrarios en el dispositivo afectado. Para explotar estas vulnerabilidades, un atacante necesitar\u00eda tener una cuenta de usuario de soporte remoto. Nota: CVE-2023-20092 no afecta a los dispositivos Cisco DX70, DX80, TelePresence MX Series o TelePresence SX Series. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades."
}
],
"metrics": {

8
CVE-2023/CVE-2023-200xx/CVE-2023-20036.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-20036",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:24.950",
"lastModified": "2024-11-15T16:15:24.950",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to improper input validation when uploading a Device Pack. An attacker could exploit this vulnerability by altering the request that is sent when uploading a Device Pack. A successful exploit could allow the attacker to execute arbitrary commands as NT AUTHORITY\\SYSTEM on the underlying operating system of an affected device.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz web de Cisco IND podr\u00eda permitir que un atacante remoto autenticado ejecute comandos arbitrarios con privilegios administrativos en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada incorrecta al cargar un Device Pack. Un atacante podr\u00eda aprovechar esta vulnerabilidad modificando la solicitud que se env\u00eda al cargar un Device Pack. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante ejecute comandos arbitrarios como NT AUTHORITY\\SYSTEM en el sistema operativo subyacente de un dispositivo afectado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2023/CVE-2023-200xx/CVE-2023-20039.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-20039",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:25.157",
"lastModified": "2024-11-15T16:15:25.157",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco IND could allow an authenticated, local attacker to read application data.\r\n\r\nThis vulnerability is due to insufficient default file permissions that are applied to the application data directory. An attacker could exploit this vulnerability by accessing files in the application data directory. A successful exploit could allow the attacker to view sensitive information.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. "
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco IND podr\u00eda permitir que un atacante local autenticado lea datos de la aplicaci\u00f3n. Esta vulnerabilidad se debe a que los permisos de archivo predeterminados que se aplican al directorio de datos de la aplicaci\u00f3n son insuficientes. Un atacante podr\u00eda aprovechar esta vulnerabilidad accediendo a los archivos del directorio de datos de la aplicaci\u00f3n. Si lo hiciera, podr\u00eda permitirle ver informaci\u00f3n confidencial. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2023/CVE-2023-200xx/CVE-2023-20060.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-20060",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:25.357",
"lastModified": "2024-11-15T16:15:25.357",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Prime Collaboration Deployment could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\r\nCisco plans to release software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Prime Collaboration Deployment podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross site scripting contra un usuario de la interfaz. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de la interfaz para que haga clic en un v\u00ednculo creado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco planea lanzar actualizaciones de software que solucionen esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2023/CVE-2023-200xx/CVE-2023-20090.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-20090",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:25.560",
"lastModified": "2024-11-15T16:15:25.560",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device.\r\n\r\nThis vulnerability is due to improper access control on certain CLI commands. An attacker could exploit this vulnerability by running a series of crafted commands. A successful exploit could allow the attacker to elevate privileges to root.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco TelePresence CE y RoomOS podr\u00eda permitir que un atacante local autenticado eleve los privilegios a superusuario en un dispositivo afectado. Esta vulnerabilidad se debe a un control de acceso inadecuado en determinados comandos de la CLI. Un atacante podr\u00eda aprovechar esta vulnerabilidad ejecutando una serie de comandos manipulados. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante elevar los privilegios a superusuario. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2023/CVE-2023-200xx/CVE-2023-20091.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-20091",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:25.770",
"lastModified": "2024-11-15T16:15:25.770",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.\r\n\r\nThis vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit this vulnerability, an attacker would need to have a remote support user account.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de Cisco TelePresence CE y RoomOS podr\u00eda permitir que un atacante local autenticado sobrescribiera archivos arbitrarios en el sistema de archivos local de un dispositivo afectado. Esta vulnerabilidad se debe a controles de acceso inadecuados en los archivos que se encuentran en el sistema de archivos local. Un atacante podr\u00eda aprovechar esta vulnerabilidad colocando un enlace simb\u00f3lico en una ubicaci\u00f3n espec\u00edfica en el sistema de archivos local de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir archivos arbitrarios en el dispositivo afectado. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda tener una cuenta de usuario de soporte remoto. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2023/CVE-2023-200xx/CVE-2023-20092.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-20092",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:25.980",
"lastModified": "2024-11-15T16:15:25.980",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.\r\n\r\nThese vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account.\r\nNote: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices.\r\nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
},
{
"lang": "es",
"value": "Tres vulnerabilidades en la CLI de Cisco TelePresence CE y RoomOS podr\u00edan permitir que un atacante local autenticado sobrescriba archivos arbitrarios en el sistema de archivos local de un dispositivo afectado. Estas vulnerabilidades se deben a controles de acceso inadecuados en los archivos que se encuentran en el sistema de archivos local. Un atacante podr\u00eda explotar estas vulnerabilidades colocando un enlace simb\u00f3lico en una ubicaci\u00f3n espec\u00edfica en el sistema de archivos local de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir archivos arbitrarios en el dispositivo afectado. Para explotar estas vulnerabilidades, un atacante necesitar\u00eda tener una cuenta de usuario de soporte remoto. Nota: CVE-2023-20092 no afecta a los dispositivos Cisco DX70, DX80, TelePresence MX Series o TelePresence SX Series. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades."
}
],
"metrics": {

8
CVE-2023/CVE-2023-200xx/CVE-2023-20093.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-20093",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:26.187",
"lastModified": "2024-11-15T16:15:26.187",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.\r\n\r\nThese vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account.\r\nNote: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices.\r\nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
},
{
"lang": "es",
"value": "Tres vulnerabilidades en la CLI de Cisco TelePresence CE y RoomOS podr\u00edan permitir que un atacante local autenticado sobrescriba archivos arbitrarios en el sistema de archivos local de un dispositivo afectado. Estas vulnerabilidades se deben a controles de acceso inadecuados en los archivos que se encuentran en el sistema de archivos local. Un atacante podr\u00eda explotar estas vulnerabilidades colocando un enlace simb\u00f3lico en una ubicaci\u00f3n espec\u00edfica en el sistema de archivos local de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir archivos arbitrarios en el dispositivo afectado. Para explotar estas vulnerabilidades, un atacante necesitar\u00eda tener una cuenta de usuario de soporte remoto. Nota: CVE-2023-20092 no afecta a los dispositivos Cisco DX70, DX80, TelePresence MX Series o TelePresence SX Series. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades."
}
],
"metrics": {

8
CVE-2023/CVE-2023-200xx/CVE-2023-20094.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-20094",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T16:15:26.390",
"lastModified": "2024-11-15T16:15:26.390",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco TelePresence CE and RoomOS could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device.\r\n\r\nThis vulnerability exists because the affected software performs improper bounds checks. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read that discloses sensitive information.\r\nNote: This vulnerability only affects Cisco Webex Desk Hub.\r\nThere are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco TelePresence CE y RoomOS podr\u00eda permitir que un atacante adyacente no autenticado vea informaci\u00f3n confidencial en un dispositivo afectado. Esta vulnerabilidad existe porque el software afectado realiza comprobaciones de los l\u00edmites incorrectas. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante provocar una lectura fuera de los l\u00edmites que revele informaci\u00f3n confidencial. Nota: Esta vulnerabilidad solo afecta a Cisco Webex Desk Hub. No existen workarounds que aborden esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2023/CVE-2023-201xx/CVE-2023-20125.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-20125",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T15:15:05.347",
"lastModified": "2024-11-15T15:15:05.347",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service (DoS) condition.\r\n\r\nThis vulnerability exists because rate limiting does not occur for certain incoming TCP connections. An attacker could exploit this vulnerability by sending a high rate of TCP connections to the server. A successful exploit could allow the attacker to cause TCP connection resources to grow rapidly until the Cisco BroadWorks Network Server becomes unusable.\r\nNote: To recover from this vulnerability, either Cisco BroadWorks Network Server software must be restarted or the Cisco BroadWorks Network Server node must be rebooted. For more information, see the section of this advisory.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz local de Cisco BroadWorks Network Server podr\u00eda permitir que un atacante remoto no autenticado agote los recursos del sistema, lo que provocar\u00eda una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad existe porque no se produce una limitaci\u00f3n de velocidad para determinadas conexiones TCP entrantes. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una alta tasa de conexiones TCP al servidor. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que los recursos de conexi\u00f3n TCP crezcan r\u00e1pidamente hasta que Cisco BroadWorks Network Server se vuelva inutilizable. Nota: Para recuperarse de esta vulnerabilidad, se debe reiniciar el software de Cisco BroadWorks Network Server o el nodo de Cisco BroadWorks Network Server. Para obtener m\u00e1s informaci\u00f3n, consulte la secci\u00f3n de este aviso. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2023/CVE-2023-201xx/CVE-2023-20154.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-20154",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-11-15T15:15:05.697",
"lastModified": "2024-11-15T15:15:05.697",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an unauthenticated, remote attacker to access the web interface with administrative privileges.\r\n\r\nThis vulnerability is due to the improper handling of certain messages that are returned by the associated external authentication server. An attacker could exploit this vulnerability by logging in to the web interface of an affected server. Under certain conditions, the authentication mechanism would be bypassed and the attacker would be logged in as an administrator. A successful exploit could allow the attacker to obtain administrative privileges on the web interface of an affected server, including the ability to access and modify every simulation and all user-created data. To exploit this vulnerability, the attacker would need valid user credentials that are stored on the associated external authentication server.\r\nCisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el mecanismo de autenticaci\u00f3n externa de Cisco Modeling Labs podr\u00eda permitir que un atacante remoto no autenticado acceda a la interfaz web con privilegios administrativos. Esta vulnerabilidad se debe al manejo inadecuado de ciertos mensajes que devuelve el servidor de autenticaci\u00f3n externo asociado. Un atacante podr\u00eda aprovechar esta vulnerabilidad iniciando sesi\u00f3n en la interfaz web de un servidor afectado. En determinadas condiciones, se omitir\u00eda el mecanismo de autenticaci\u00f3n y el atacante iniciar\u00eda sesi\u00f3n como administrador. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante obtener privilegios administrativos en la interfaz web de un servidor afectado, incluida la capacidad de acceder y modificar todas las simulaciones y todos los datos creados por el usuario. Para aprovechar esta vulnerabilidad, el atacante necesitar\u00eda credenciales de usuario v\u00e1lidas que est\u00e9n almacenadas en el servidor de autenticaci\u00f3n externo asociado. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. Existen workarounds que solucionan esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2023/CVE-2023-391xx/CVE-2023-39176.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-39176",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-11-18T10:15:04.667",
"lastModified": "2024-11-18T10:15:04.667",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found within the parsing of SMB2 requests that have a transform header in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en el an\u00e1lisis de las solicitudes SMB2 que tienen un encabezado de transformaci\u00f3n en el m\u00f3dulo ksmbd del kernel. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esto para divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas de Linux. Solo los sistemas con ksmbd habilitado son vulnerables a esta CVE."
}
],
"metrics": {

8
CVE-2023/CVE-2023-391xx/CVE-2023-39179.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-39179",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-11-18T10:15:04.980",
"lastModified": "2024-11-18T10:15:04.980",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en el manejo de solicitudes de lectura SMB2 en el m\u00f3dulo ksmbd del kernel. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esto para divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas de Linux. Solo los sistemas con ksmbd habilitado son vulnerables a esta CVE."
}
],
"metrics": {

4
CVE-2023/CVE-2023-391xx/CVE-2023-39180.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39180",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-11-18T10:15:05.217",
"lastModified": "2024-11-18T15:35:02.397",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2023/CVE-2023-430xx/CVE-2023-43091.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-43091",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-11-17T13:15:14.140",
"lastModified": "2024-11-17T13:15:14.140",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in GNOME Maps, which is vulnerable to a code injection attack via its service.json configuration file. If the configuration file is malicious, it may execute arbitrary code."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en GNOME Maps, que es vulnerable a un ataque de inyecci\u00f3n de c\u00f3digo a trav\u00e9s de su archivo de configuraci\u00f3n service.json. Si el archivo de configuraci\u00f3n es malicioso, puede ejecutar c\u00f3digo arbitrario."
}
],
"metrics": {

8
CVE-2023/CVE-2023-46xx/CVE-2023-4639.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-4639",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-11-17T11:15:05.840",
"lastModified": "2024-11-17T11:15:05.840",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en Undertow que analiza incorrectamente las cookies con ciertos caracteres que delimitan valores en las solicitudes entrantes. Este problema podr\u00eda permitir que un atacante construya un valor de cookie para extraer valores de cookies HttpOnly o falsificar valores de cookies adicionales arbitrarios, lo que lleva a un acceso o modificaci\u00f3n de datos no autorizados. La principal amenaza de esta falla afecta la confidencialidad e integridad de los datos."
}
],
"metrics": {

25
CVE-2023/CVE-2023-499xx/CVE-2023-49952.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-49952",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-18T18:15:05.927",
"lastModified": "2024-11-18T18:15:05.927",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mastodon 4.1.x before 4.1.17 and 4.2.x before 4.2.9 allows a bypass of rate limiting via a crafted HTTP request header."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/mastodon/mastodon/security",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-c2r5-cfqr-c553",
"source": "cve@mitre.org"
}
]
}

8
CVE-2023/CVE-2023-61xx/CVE-2023-6110.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2023-6110",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-11-17T11:15:06.097",
"lastModified": "2024-11-17T11:15:06.097",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en OpenStack. Cuando un usuario intenta eliminar una regla de acceso inexistente en su \u00e1mbito, elimina otras reglas de acceso existentes que no est\u00e1n asociadas con ninguna credencial de aplicaci\u00f3n."
}
],
"metrics": {

8
CVE-2024/CVE-2024-00xx/CVE-2024-0012.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-0012",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-11-18T16:15:11.683",
"lastModified": "2024-11-18T16:15:11.683",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 .\n\nThe risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended\u00a0 best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software.\n\nCloud NGFW and Prisma Access are not impacted by this vulnerability."
},
{
"lang": "es",
"value": "Una omisi\u00f3n de autenticaci\u00f3n en el software PAN-OS de Palo Alto Networks permite que un atacante no autenticado con acceso a la red a la interfaz web de administraci\u00f3n obtenga privilegios de administrador de PAN-OS para realizar acciones administrativas, alterar la configuraci\u00f3n o explotar otras vulnerabilidades de escalada de privilegios autenticados como CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 . El riesgo de este problema se reduce en gran medida si protege el acceso a la interfaz web de administraci\u00f3n restringiendo el acceso solo a direcciones IP internas confiables de acuerdo con nuestras pautas de implementaci\u00f3n recomendadas https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . Este problema solo se aplica al software PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1 y PAN-OS 11.2. Cloud NGFW y Prisma Access no se ven afectados por esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2024/CVE-2024-07xx/CVE-2024-0793.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-0793",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-11-17T11:15:06.340",
"lastModified": "2024-11-17T11:15:06.340",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en kube-controller-manager. Este problema ocurre cuando la aplicaci\u00f3n inicial de un archivo YAML de configuraci\u00f3n de HPA que carece de un bloque .spec.behavior.scaleUp provoca una denegaci\u00f3n de servicio debido a que los pods de KCM entran en un estado de reinicio."
}
],
"metrics": {

8
CVE-2024/CVE-2024-100xx/CVE-2024-10015.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10015",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-16T04:15:03.917",
"lastModified": "2024-11-16T04:15:03.917",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ConvertCalculator for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' and 'type' parameters in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento ConvertCalculator for WordPress para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s de los par\u00e1metros 'id' y 'type' en todas las versiones hasta la 1.1.1 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

8
CVE-2024/CVE-2024-100xx/CVE-2024-10017.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10017",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-16T04:15:04.157",
"lastModified": "2024-11-16T04:15:04.157",
"vulnStatus": "Received",
"lastModified": "2024-11-18T17:11:17.393",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PJW Mime Config plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
},
{
"lang": "es",
"value": "El complemento PJW Mime Config para WordPress es vulnerable a cross site scripting almacenado mediante cargas de archivos SVG en todas las versiones hasta la 1.0 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor o superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG."
}
],
"metrics": {

Some files were not shown because too many files have changed in this diff Show More