VARIoT IoT vulnerabilities database

procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124. procps-ng Contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Procps-ng Procps is prone to the following security vulnerabilities: 1. A local security-bypass vulnerability 2. A local privilege-escalation vulnerability 3. A local denial-of-service vulnerability 4. Multiple local integer-overflow vulnerabilities 5. A stack-based buffer-overflow vulnerability Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application or perform unauthorized actions. Failed exploit attempts will likely cause a denial-of-service condition

The AppFirewall functionality in Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5 before Build 68.7, 11.0 before Build 71.24, 11.1 before Build 58.13, and 12.0 before Build 57.24 allows remote attackers to execute arbitrary code via unspecified vectors. A security vulnerability exists in the AppFirewall feature in Citrix NetScaler ADC and NetScaler Gateway. A remote attacker could exploit this vulnerability to execute arbitrary code

A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote attacker to potentially poison HTTP cache and subsequently redirect SSL VPN web portal users to arbitrary web domains. Fortinet FortiOS Contains an open redirect vulnerability.Information may be obtained and information may be altered. Fortinet FortiOS is prone to a host header-injection vulnerability because it fails to properly validate an HTTP request header. A successful attack may allow attackers to insert a crafted host header to navigate the victim to the attacker's domain. Versions prior to FortiOS 6.0.5 are vulnerable. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. Attackers can exploit this vulnerability by sending specially crafted HTTP requests to redirect users to their specified websites

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/menuaccess.php chbKey1 parameter. Nagios XI Is SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Nagios is an open source free network monitoring tool that can effectively monitor the status of Windows, Linux and Unix hosts, network devices such as switches, routers, printers, etc. Remote attackers can use this vulnerability to execute arbitrary SQL commands

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php cname parameter. Nagios XI Is SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Nagios is an open source, free network monitoring tool that effectively monitors host status on Windows, Linux and Unix, network devices such as switch routers, and printers. A SQL injection vulnerability exists in NagiosXI 5.4.12 and earlier versions of the admin/commandline.phpcname parameter, which can be exploited by remote attackers to execute arbitrary SQL commands

A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the ISE application server to restart unexpectedly, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to incomplete input validation of the client EAP-TLS certificate. An attacker could exploit this vulnerability by initiating EAP authentication over TLS to the ISE with a crafted EAP-TLS certificate. A successful exploit could allow the attacker to restart the ISE application server, resulting in a DoS condition on the affected system. The ISE application could continue to restart while the client attempts to establish the EAP authentication connection. If an attacker attempted to import the same EAP-TLS certificate to the ISE trust store, it could trigger a DoS condition on the affected system. This exploit vector would require the attacker to have valid administrator credentials. The vulnerability affects Cisco ISE, Cisco ISE Express, and Cisco ISE Virtual Appliance. Cisco Bug IDs: CSCve31857. Vendors have confirmed this vulnerability Bug ID CSCve31857 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. An attacker can exploit this issue to cause a denial-of-service condition; denying service to legitimate users. The platform monitors the network by collecting real-time information on the network, users and devices, and formulating and implementing corresponding policies. ISE Express is a bundle for use in ISE that provides dynamic client functionality

A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input validation of incoming RTP bitstreams. An attacker could exploit this vulnerability by sending a crafted RTP bitstream to an affected Cisco Meeting Server. A successful exploit could allow the attacker to deny audio and video services by causing media process crashes resulting in a DoS condition on the affected product. This vulnerability affects Cisco Meeting Server deployments that are running Cisco Meeting Server Software Releases 2.0, 2.1, 2.2, and 2.3. Cisco Bug IDs: CSCve79693, CSCvf91393, CSCvg64656, CSCvh30725, CSCvi86363. Vendors have confirmed this vulnerability Bug ID CSCve79693 , CSCvf91393 , CSCvg64656 , CSCvh30725 ,and CSCvi86363 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users

A vulnerability in the logs component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of requests stored in logs in the application management interface. An attacker could exploit this vulnerability by sending malicious requests to the targeted system. An exploit could allow the attacker to conduct cross-site scripting attacks when an administrator views the log files. Cisco Bug IDs: CSCvh11308. Vendors have confirmed this vulnerability Bug ID CSCvh11308 It is released as.Information may be obtained and information may be altered. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. The platform monitors the network by collecting real-time information on the network, users and devices, and formulating and implementing corresponding policies. The logs component is one of the log components

A vulnerability in the TCP stack of Cisco SocialMiner could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition in the notification system. The vulnerability is due to faulty handling of new TCP connections to the affected application. An attacker could exploit this vulnerability by sending a malicious TCP packet to the vulnerable service. An exploit could allow the attacker to create a DoS condition by interrupting certain phone services. A manual restart of the service may be required to restore full functionalities. Cisco Bug IDs: CSCvh48368. Cisco SocialMiner Contains a resource management vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvh48368 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco SocialMiner is a set of social media call center solutions from Cisco. The solution supports social media monitoring and analysis capabilities

A vulnerability in the web framework of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software via the HTTP GET and HTTP POST methods. An attacker who can convince a user to follow an attacker-supplied link could execute arbitrary script or HTML code in the user's browser in the context of an affected site. Cisco Bug IDs: CSCvg86743. Vendors have confirmed this vulnerability Bug ID CSCvg86743 It is released as.Information may be obtained and information may be altered. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. The platform monitors the network by collecting real-time information on the network, users and devices, and formulating and implementing corresponding policies

A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to incomplete input validation of SIP Session Description Protocol (SDP) parameters by the SDP parser of an affected phone. An attacker could exploit this vulnerability by sending a malformed SIP packet to an affected phone. A successful exploit could allow the attacker to cause all active phone calls on the affected phone to be dropped while the SIP process on the phone unexpectedly restarts, resulting in a DoS condition. Cisco Bug IDs: CSCvf40066. Vendors have confirmed this vulnerability Bug ID CSCvf40066 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. A remote attacker may exploit this issue to cause a denial-of-service condition; denying service to legitimate users

A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. The vulnerability is due to the incorrect handling of TCP SSL packets received out of order. An attacker could exploit this vulnerability by sending a crafted SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured SSL AC policy to block SSL traffic. Cisco Bug IDs: CSCvg09316. Cisco Firepower Threat Defense The software is vulnerable to a defect in the protection mechanism. Vendors have confirmed this vulnerability Bug ID CSCvg09316 It is released as.Information may be tampered with. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. The detection engine is one of the detection engines

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/info.php key1 parameter. Nagios XI Is SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Nagios is an open source free network monitoring tool that can effectively monitor the status of Windows, Linux and Unix hosts, network devices such as switches, routers, printers, etc

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/logbook.php txtSearch parameter. Nagios XI Is SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Nagios is an open source free network monitoring tool that can effectively monitor the status of Windows, Linux and Unix hosts, network devices such as switches, routers, printers, etc

A vulnerability in the web-based management interface of Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and alter the data of existing users and groups on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. If the user has administrative privileges, the attacker could create a new, privileged account to obtain full control over the device interface. This vulnerability affects Connected Grid Network Management System, if running a software release prior to IoT-FND Release 3.0; and IoT Field Network Director, if running a software release prior to IoT-FND Release 4.1.1-6 or 4.2.0-123. Cisco Bug IDs: CSCvi02448. Vendors have confirmed this vulnerability Bug ID CSCvi02448 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The system has functions such as equipment management, asset tracking and intelligent metering. Other attacks are also possible

A vulnerability in the web framework of Cisco Unified Communications Manager and Cisco Unified Presence could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software via the HTTP GET and HTTP POST methods. An attacker who can convince a user to follow an attacker-supplied link could execute arbitrary script or HTML code in the user's browser in the context of an affected site. Cisco Bug IDs: CSCvg89116. Vendors have confirmed this vulnerability Bug ID CSCvg89116 It is released as.Information may be obtained and information may be altered. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. CUCM is a call processing component in a unified communication system

A vulnerability in the web UI of Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to conduct a cross-frame scripting (XFS) attack against a user of the web UI of the affected software. The vulnerability is due to insufficient protections for HTML inline frames (iframes) by the web UI of the affected software. An attacker could exploit this vulnerability by persuading a user of the affected UI to navigate to an attacker-controlled web page that contains a malicious HTML iframe. A successful exploit could allow the attacker to conduct click-jacking or other client-side browser attacks on the affected system. Cisco Bug IDs: CSCun79565. Cisco TelePresence Server The software is vulnerable to a defect in the protection mechanism. Vendors have confirmed this vulnerability Bug ID CSCun79565 It is released as.Information may be obtained and information may be altered. The solution provides components such as audio and video spaces, which can provide remote participants with a "face-to-face" virtual meeting room effect. Web UI is one of the web interfaces

A vulnerability in the Secure Copy Protocol (SCP) server of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation of command arguments. An attacker could exploit this vulnerability by using crafted arguments when opening a connection to the affected device. An exploit could allow the attacker to gain shell access with a non-root user account to the underlying Linux operating system on the affected device. Due to the system design, access to the Linux shell could allow execution of additional attacks that may have a significant impact on the affected system. This vulnerability affects Cisco devices that are running release 3.7.1, 3.6.3, or earlier releases of Cisco Enterprise NFV Infrastructure Software (NFVIS) when access to the SCP server is allowed on the affected device. Cisco NFVIS Releases 3.5.x and 3.6.x do allow access to the SCP server by default, while Cisco NFVIS Release 3.7.1 does not. Cisco Bug IDs: CSCvh25026. Vendors report this vulnerability Bug ID CSCvh25026 Published as.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Successful exploits may allow an attacker to bypass certain security restrictions. This may allow the attacker to masquerade as a legitimate user, aiding in further attacks. The platform can realize the full lifecycle management of virtualized services through the central coordinator and controller. Secure Copy Protocol (SCP) server is one of the file replication servers

A vulnerability in the API gateway of the Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and access critical services. The vulnerability is due to a failure to normalize URLs prior to servicing requests. An attacker could exploit this vulnerability by submitting a crafted URL designed to exploit the issue. A successful exploit could allow the attacker to gain unauthenticated access to critical services, resulting in elevated privileges in DNA Center. This vulnerability affects Cisco DNA Center Software Releases prior to 1.1.2. Cisco Bug IDs: CSCvi09394. Vendors have confirmed this vulnerability Bug ID CSCvi09394 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This may lead to further attacks. The solution scales and protects devices, applications, and more within the network. API gateway is one of API (Application Programming Interface) Gateway

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters in the CLI parser. An attacker could exploit this vulnerability by invoking a vulnerable CLI command with crafted malicious parameters. An exploit could allow the attacker to execute arbitrary commands with a non-root user account on the underlying Linux operating system of the affected device. Cisco Bug IDs: CSCvi09723. Vendors have confirmed this vulnerability Bug ID CSCvi09723 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The platform can realize the full lifecycle management of virtualized services through the central coordinator and controller. CLI is one of those command-line tools