CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2009-0616
https://notcve.org/view.php?id=CVE-2009-0616
Cisco Application Networking Manager (ANM) before 2.0 uses default usernames and passwords, which makes it easier for remote attackers to access the application, or cause a denial of service via configuration changes, related to "default user credentials during installation." Cisco Application Networking Manager (ANM) en versiones anteriores a la 2.0 utiliza nombres de usuario y contraseñas por defecto, lo que facilita el acceso a los atacantes remotos a la aplicacion, o causar una denegación de servicio a través de cambios de configuración. Se trata de un asunto relacionado con "las credenciales de usuario por defecto durante la instalación." • http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml http://www.securityfocus.com/bid/33903 http://www.securitytracker.com/id?1021771 • CWE-255: Credentials Management Errors •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2009-0615
https://notcve.org/view.php?id=CVE-2009-0615
Directory traversal vulnerability in Cisco Application Networking Manager (ANM) before 2.0 and Application Control Engine (ACE) Device Manager before A3(2.1) allows remote authenticated users to read or modify arbitrary files via unspecified vectors, related to "invalid directory permissions." Vulnerabilidad de salto de directorio en Cisco Application Networking Manager (ANM) anterior a v2.0 y Application Control Engine (ACE) Device Manager anterior a vA3(2.1) permite a usuarios atenticados remotamente leer o modificar ficheros de su elección a através de vectores sin especificar relacionados con "permisos de directorio inválido". • http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml http://www.securityfocus.com/bid/33903 http://www.securitytracker.com/id?1021770 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2009-0617
https://notcve.org/view.php?id=CVE-2009-0617
Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files. Cisco Application Networking Manager (ANM) anteriores a v2.0 utiliza una contraseña por defecto para el directorio raíz MySQL, el cual hace más fácil para atacantes remotos ejecutar arbitrariamente comandos del sistema operativo o cambiar archivos del sistema. • http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml http://www.securityfocus.com/bid/33903 http://www.securitytracker.com/id?1021771 • CWE-255: Credentials Management Errors •
CVSS: 8.5EPSS: 0%CPEs: 3EXPL: 0CVE-2009-0618
https://notcve.org/view.php?id=CVE-2009-0618
Unspecified vulnerability in the Java agent in Cisco Application Networking Manager (ANM) before 2.0 Update A allows remote attackers to gain privileges, and cause a denial of service (service outage) by stopping processes, or obtain sensitive information by reading configuration files. Vulnerabilidad no especificada en el agente Java de Cisco Application Networking Manager (ANM) anterior a 2.0 Actualización A, permite a atacantes remotos obtener privilegios y provocar una denegación de servicio -parada del servicio- deteniendo procesos, u obteniendo información sensible leyendo los ficheros de configuración. • http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml http://www.securityfocus.com/bid/33903 http://www.securitytracker.com/id?1021772 •