6 results (0.026 seconds)

CVSS: 10.0EPSS: 96%CPEs: 398EXPL: 30

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. • https://github.com/fullhunt/log4j-scan https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words https://github.com/cyberstruggle/L4sh https://github.com/woodpecker-appstore/log4j-payload-generator https://github.com/tangxiaofeng7/apache-log4j-poc https://www.exploit-db.com/exploits/51183 https://www.exploit-db.com/exploits/50592 https://www.exploit-db.com/exploits/50590 https://github.com/logpresso/CVE-2021-44228-Scanner https://github.com/jas502n/Log4j2-CVE-2021-44228 h • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •

CVSS: 10.0EPSS: 18%CPEs: 28EXPL: 0

Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow. Múltiples vulnerabilidades no especificadas en Unified Service Monitor de Cisco anterior a versión 8.6, tal y como es usado en Unified Operations Manager anterior a versión 8.6 y CiscoWorks LAN Management Solution versiones 3.x y 4.x anteriores a 4.1; y múltiples productos de Ionix de EMC, incluido Application Connectivity Monitor (Ionix ACM) versión 2.3 y versiones anteriores, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) versión 3.2.0.2 y anteriores, IP Management Suite (Ionix IP) versión 8.1.1.1 y versiones anteriores, y otros productos Ionix; permiten a los atacantes remotos ejecutar código arbitrario por medio de paquetes diseñados al puerto TCP 9002, también se conoce como Bug IDs CSCtn42961 y CSCtn64922, relacionados con un desbordamiento de búfer. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Unified Service Monitor due to bundled EMC SMARTS application server. Authentication is not required to exploit this vulnerability. The flaw exists within the brstart.exe service which listens by default on TCP port 9002. When handling the authentication portion of a SMARTS request the process extracts a user provided value to allocate a buffer via sm_read_string_length then blindly copies user supplied data into this buffer on the heap. • http://secunia.com/advisories/45979 http://secunia.com/advisories/46016 http://secunia.com/advisories/46052 http://secunia.com/advisories/46053 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml http://www.osvdb.org/75442 http://www.securityfocus.com/archive/1/519646/100/0/threaded http://www.securityfocus.com/bid/49627 http://www.securityfocus.com/bid/49644 http:/&# •

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 4

Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to execute arbitrary SQL commands via (1) the CCMs parameter to iptm/PRTestCreation.do or (2) the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716. Múltiples vulnerabilidades de inyección SQL en Cisco Unified Operations Manager (CUOM) anterior a v8.6, permite a atacantes remotos ejecuctar comandos SQL de su elección a través de (1) el parámetro CCMs de iptm/PRTestCreation.do o (2) el parámetro ccm de iptm/TelePresenceReportAction.do, también conocido cómo Bug ID CSCtn61716. Cisco Unified Operations Manager suffers from cross site scripting, remote SQL injection, and directory traversal vulnerabilities. Versions 8.0 and 8.5 are affected. • https://www.exploit-db.com/exploits/17304 http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html http://tools.cisco.com/security/center/viewAlert.x?alertId=23086 http://www.exploit-db.com/exploits/17304 http://www.securityfocus.com/bid/47898 http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/67522 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 4.3EPSS: 87%CPEs: 10EXPL: 5

Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine en el Common Services Device Center en Cisco Unified Operations Manager (CUOM) anterior a v8.6 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro "tag", también conocido como Bug ID CSCto12712. Cisco Unified Operations Manager suffers from cross site scripting, remote SQL injection, and directory traversal vulnerabilities. Versions 8.0 and 8.5 are affected. • https://www.exploit-db.com/exploits/35780 https://www.exploit-db.com/exploits/17304 http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html http://tools.cisco.com/security/center/viewAlert.x?alertId=23087 http://www.exploit-db.com/exploits/17304 http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/67524 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 2%CPEs: 10EXPL: 9

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en Cisco Unified Operations Manager (CUOM) antes de v8.6, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de (1) el parámetro extn de iptm/advancedfind.do, (2) el parámetro deviceInstanceName de iptm/ddv.do, el (3) cmd o (4) el parámetro group de iptm/eventmon, el parámetro (5) clusterName o (6) deviceName de iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, o el parámetro (7) ccmName o (8) clusterName de iptm/logicalTopo.do, también conocido como Bug ID CSCtn61716. Cisco Unified Operations Manager suffers from cross site scripting, remote SQL injection, and directory traversal vulnerabilities. Versions 8.0 and 8.5 are affected. • https://www.exploit-db.com/exploits/35765 https://www.exploit-db.com/exploits/35766 https://www.exploit-db.com/exploits/35762 https://www.exploit-db.com/exploits/35763 https://www.exploit-db.com/exploits/35764 https://www.exploit-db.com/exploits/17304 http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html http://tools.cisco.com/security/center/viewAlert.x?alertId=23085 http://www.exploit-db.com/exploits/17304 http://www.senseofsecurity.com.au/advisories/SO • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •