NotCVE - vendor:"Cisco" product:"Application Services Engine"

8 results (0.004 seconds)

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2021-1396 – Cisco Application Services Engine Unauthorized Access Vulnerabilities

https://notcve.org/view.php?id=CVE-2021-1396

24 Feb 2021 — Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en Cisco Application Services Engine podrían permitir a un atacante remoto no autenticado conseguir acceso privilegiado a oper... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-case-mvuln-dYrDPC6w • CWE-306: Missing Authentication for Critical Function •

CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0

CVE-2021-1393 – Cisco Application Services Engine Unauthorized Access Vulnerabilities

https://notcve.org/view.php?id=CVE-2021-1393

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2020-3335 – Cisco Application Services Engine Software Authorization Vulnerability

https://notcve.org/view.php?id=CVE-2020-3335

03 Jun 2020 — A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local attacker to read sensitive information of other users on an affected device. The vulnerability is due to insufficient authorization limitations. An attacker could exploit this vulnerability by logging in to an affected device locally with valid credentials. A successful exploit could allow the attacker to read the sensitive information of other users on the affected device. Una vulnerabilidad e... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-APIC-KSV-3wzbHYT4 • CWE-306: Missing Authentication for Critical Function CWE-863: Incorrect Authorization •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2020-3333 – Cisco Application Services Engine Software Unauthenticated Event Policies Update Vulnerability

https://notcve.org/view.php?id=CVE-2020-3333

03 Jun 2020 — A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote attacker to update event policies on an affected device. The vulnerability is due to insufficient authentication of users who modify policies on an affected device. An attacker could exploit this vulnerability by crafting a malicious HTTP request to contact an affected device. A successful exploit could allow the attacker to update event policies on the affected device. Una vulnerabilidad en la AP... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-APIC-EPU-F8y5kUOP • CWE-306: Missing Authentication for Critical Function •

CVSS: 9.0EPSS: 2%CPEs: 120EXPL: 0

CVE-2013-3444

https://notcve.org/view.php?id=CVE-2013-3444

31 Jul 2013 — The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1; Cisco ACNS Software 4.x and 5.x before 5.5.29.2; Cisco ECDS Software 2.x before 2.5.6; Cisco CDS-IS Software 2.x before 2.6.3.b50 and 3.1.x before 3.1.2b54; Cisco VDS-IS Software 3.2.x before 3.2.1.b9; Cisco VDS-SB Software 1.x before 1.1.0-b96; Cisco VDS-OE Software 1.x before 1.0.1; and Cisco VDS-OS Software 1.x in central-management mode allows remote authenticated users to execute arbi... • http://secunia.com/advisories/54367 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0

CVE-2013-1196

https://notcve.org/view.php?id=CVE-2013-1196

29 Apr 2013 — The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning Manager, Network Services Manager, Prime Data Center Network Manager (DCNM), and Quad does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCug29384, CSCug13866, C... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1196 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0

CVE-2013-1125

https://notcve.org/view.php?id=CVE-2013-1125

19 Feb 2013 — The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1125 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0

CVE-2007-3923

https://notcve.org/view.php?id=CVE-2007-3923

21 Jul 2007 — The Common Internet File System (CIFS) optimization in Cisco Wide Area Application Services (WAAS) 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Services are configured, allows remote attackers to cause a denial of service (loss of service) via a flood of TCP SYN packets to port (1) 139 or (2) 445. La optimización Common Internet File System (CIFS)de Cisco Wide Area Application Services (WAAS) 4.0.7 y 4.0.9, tal y como se usa en Cisco WAE appliance y el módulo ... • http://secunia.com/advisories/26122 •