VARIoT IoT vulnerabilities database

VAR-201710-0657 | CVE-2017-12287 | Cisco Expressway Series and TelePresence Video Communication Server Software management resource management vulnerability |
CVSS V2: 4.0 CVSS V3: 4.3 Severity: MEDIUM |
A vulnerability in the cluster database (CDB) management component of Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to cause the CDB process on an affected system to restart unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to incomplete input validation of URL requests by the REST API of the affected software. An attacker could exploit this vulnerability by sending a crafted URL to the REST API of the affected software on an affected system. A successful exploit could allow the attacker to cause the CDB process on the affected system to restart unexpectedly, resulting in a temporary DoS condition. Cisco Bug IDs: CSCve77571. The vendor has confirmed this vulnerability and released it as Bug ID CSCve77571. The affected system may be put into a denial-of-service (DoS) state. Cluster database (CDB) management is one of the cluster database management components.
VAR-201710-0658 | CVE-2017-12288 | Cisco Unified Contact Center Express Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvf09173. The vendor has confirmed this vulnerability and released it as Bug ID CSCvf09173. Information may be obtained and information may be altered. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This component integrates agent applications and self-service voice services, and provides functions such as call distribution and customer access control.
VAR-201710-0659 | CVE-2017-12289 | Information disclosure vulnerability in Cisco IOS XE Software |
CVSS V2: 2.1 CVSS V3: 4.4 Severity: MEDIUM |
A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. The vulnerability is due to incorrect implementation of IPsec conditional, verbose debug logging that causes sensitive information to be written to the log file. This information should be restricted. An attacker who has valid administrative credentials could exploit this vulnerability by authenticating to the device, enabling conditional, verbose debug logging for IPsec, and viewing the log file. An exploit could allow the attacker to access sensitive information related to the IPsec configuration. Cisco Bug IDs: CSCvf12081. Cisco IOS XE Software contains an information disclosure vulnerability. The vendor has confirmed this vulnerability and released it as Bug ID CSCvf12081. Information may be obtained. Cisco IOS XE Software is an operating system developed by Cisco Systems for its network devices.
VAR-201710-0660 | CVE-2017-12293 | Cisco WebEx Meetings Server Buffer error vulnerability |
CVSS V2: 5.0 CVSS V3: 8.6 Severity: HIGH |
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient limitations on the number of connections that can be made to the affected software. An attacker could exploit this vulnerability by opening multiple connections to the server and exhausting server resources. A successful exploit could cause the server to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf41006. Cisco WebEx Meetings Server contains buffer error vulnerabilities and resource exhaustion vulnerabilities. The vendor has confirmed this vulnerability and released it as Bug ID CSCvf41006. The affected system may be put into a denial-of-service (DoS) state. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution.
VAR-201710-0661 | CVE-2017-12296 | Cisco WebEx Meetings Server Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the affected system. An attacker could exploit this vulnerability by convincing a user to follow a malicious link or by intercepting a user request and injecting malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvf51241, CSCvf51261. The vendor has confirmed this vulnerability and released it as Bug IDs CSCvf51241 and CSCvf51261. Information may be obtained and information may be altered. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution.
VAR-201710-0662 | CVE-2017-12298 | Cisco WebEx Meeting Center Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the affected system. An attacker could exploit this vulnerability by convincing a user to follow a malicious link or by intercepting a user request and injecting malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvf78615, CSCvf78628. The vendor has confirmed this vulnerability and released it as Bug IDs CSCvf78615 and CSCvf78628. Information may be obtained and information may be altered. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. The product invites others to join the meeting via email or instant messaging (IM), enabling online product demonstrations, information sharing, and more.
VAR-201710-0950 | CVE-2017-3883 | Cisco Firepower Extensible Operating System and NX-OS System Software resource management vulnerability |
CVSS V2: 5.0 CVSS V3: 8.6 Severity: HIGH |
A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability occurs because AAA processes prevent the NX-OS System Manager from receiving keepalive messages when an affected device receives a high rate of login attempts, such as in a brute-force login attack. System memory can run low on the FXOS devices under the same conditions, which could cause the AAA process to unexpectedly restart or cause the device to reload. An attacker could exploit this vulnerability by performing a brute-force login attack against a device that is configured with AAA security services. A successful exploit could allow the attacker to cause the affected device to reload. This vulnerability affects the following Cisco products if they are running Cisco FXOS or NX-OS System Software that is configured for AAA services: Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, Unified Computing System (UCS) 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuq58760, CSCuq71257, CSCur97432, CSCus05214, CSCux54898, CSCvc33141, CSCvd36971, CSCve03660. 
The vendor has confirmed this vulnerability and released it as Bug IDs CSCuq58760, CSCuq71257, CSCur97432, CSCus05214, CSCux54898, CSCvc33141, CSCvd36971, and CSCve03660. The affected system may be put into a denial-of-service (DoS) state. A security vulnerability exists in Cisco NX-OS. A remote attacker can cause a service restart, resulting in a denial of service. Cisco Firepower 4100 Series Next-Generation Firewall and the others are all products of Cisco. Cisco Firepower 4100 Series Next-Generation Firewall is a 4100 series firewall product. Multilayer Director Switches is a gateway device.
VAR-201710-0696 | CVE-2017-15583 | ABB Fox515T Vulnerable to information disclosure |
CVSS V2: 5.0 CVSS V3: 6.5 Severity: MEDIUM |
The embedded web server on ABB Fox515T 1.0 devices is vulnerable to Local File Inclusion. It accepts a parameter that specifies a file for display or for use as a template. The filename is not validated; an attacker could retrieve any file. ABB Fox515T contains an information disclosure vulnerability. Information may be obtained. The ABB Fox 515T is a versatile optical transmission device from ABB Switzerland. Embedded web server is one of the embedded web servers.
VAR-201711-0949 | CVE-2017-8188 | FusionSphere OpenStack Command injection vulnerability |
CVSS V2: 6.5 CVSS V3: 7.2 Severity: HIGH |
FusionSphere OpenStack V100R006C00SPC102(NFV) has a command injection vulnerability. Due to lack of validation, an attacker with high privilege may inject malicious code into some module of the affected products, causing code execution. FusionSphere OpenStack contains a command injection vulnerability. Information may be obtained or altered, and the affected system may be put into a denial-of-service (DoS) state. Huawei FusionSphere OpenStack is prone to a command-injection vulnerability. Huawei FusionSphere OpenStack is a set of cloud platform software for FusionSphere (cloud operating system) of Huawei in China in ICT scenarios. The vulnerability is caused by the insufficient verification of external input in the program.
VAR-201710-0655 | CVE-2017-12285 | Cisco Network Analysis Module Software input validation vulnerability |
CVSS V2: 6.4 CVSS V3: 5.3 Severity: MEDIUM |
A vulnerability in the web interface of Cisco Network Analysis Module Software could allow an unauthenticated, remote attacker to delete arbitrary files from an affected system, aka Directory Traversal. The vulnerability exists because the affected software does not perform proper input validation of HTTP requests that it receives and the software does not apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected software. A successful exploit could allow the attacker to delete arbitrary files from the affected system. Cisco Bug IDs: CSCvf41365. The vendor has confirmed this vulnerability and released it as Bug ID CSCvf41365. Information may be tampered with. Authentication is not required to exploit this vulnerability. The specific flaw exists within graph.php. When parsing the sfile parameter, the script does not properly validate a user-supplied path prior to using it in file operations.
An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks.
VAR-201712-0801 | CVE-2017-15316 | Double free vulnerability in Huawei Mate 9 and Mate 9 Pro smartphone software |
CVSS V2: 9.3 CVSS V3: 7.8 Severity: HIGH |
The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334(C00) and Mate 9 Pro Huawei smart phones with software before LON-AL00B 8.0.0.334(C00) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call a special API, which triggers a double free and causes a system crash or arbitrary code execution. This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Huawei Mate 9 Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Mali GPU driver. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the kernel. Huawei Mate 9 and Mate 9 Pro are both Huawei's smartphone products. The GPU driver is a graphics driver used in them. A double free vulnerability exists in the GPU driver in Huawei Mate 9 versions prior to MHA-AL00B 8.0.0.334(C00) and in Mate 9 Pro versions prior to LON-AL00B 8.0.0.334(C00).
VAR-201710-0948 | CVE-2017-2132 | Home unit KX-HJB1000 contains multiple vulnerabilities |
CVSS V2: 6.4 CVSS V3: 7.5 Severity: Medium |
Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to delete arbitrary files in a specific directory via unspecified vectors. Home unit KX-HJB1000 provided by Panasonic Corporation is a control system for home network. Home unit KX-HJB1000 contains multiple vulnerabilities listed below. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
* A user with access to the affected product may view the configuration menu - CVE-2017-2131
* A user with access to the affected product may delete arbitrary files in the specific directory - CVE-2017-2132
* A user who can log in to the affected product may obtain or alter information on the product - CVE-2017-2133
Panasonic KX-HJB1000 Home unit devices is a network camera from Matsushita Electric Industrial Co., Ltd. of Japan. Panasonic Home Unit KX-HJB1000 has an arbitrary file deletion vulnerability. An attacker could use this vulnerability to remove any files from the directory.
An attacker can exploit this issue to delete arbitrary files on a vulnerable computer with the affected application.
VAR-201712-0794 | CVE-2017-15307 | Vulnerabilities related to authorization, authority, and access control in Huawei Honor 8 smartphone software |
CVSS V2: 1.9 CVSS V3: 2.3 Severity: LOW |
Huawei Honor 8 smartphones with software versions earlier than FRD-L04C567B389 and earlier than FRD-L14C567B389 have a permission control vulnerability due to improper authorization configuration on specific device information. Huawei Honor 8 is a smartphone from China's Huawei company. Huawei Honor 8 has a privilege escalation vulnerability because the phone fails to properly configure the modification rights for specific device information.
VAR-201803-1310 | CVE-2017-15314 | Resource management vulnerabilities in multiple Huawei products |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability because memory is not released when the XML parser fails to process some nodes. An attacker could exploit it to cause a memory leak, which may further lead to system exceptions. Multiple Huawei products contain a resource management vulnerability. The affected system may be put into a denial-of-service (DoS) state. Huawei DP300/RP200 and TE series are Huawei's integrated desktop telepresence and high-definition video conferencing terminals for high-end customers. The Huawei DP300 and the others are all products of China's Huawei. DP300 is a video conferencing terminal. RP200 is a video conferencing all-in-one device. An information disclosure vulnerability exists in several Huawei products. The following products and versions are affected: Huawei DP300 V500R002C00; RP200 V500R002C00SPC200, V600R006C00; TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00; TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00; TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00.
VAR-201803-1311 | CVE-2017-15315 | Resource management vulnerabilities in multiple Huawei products |
CVSS V2: 6.8 CVSS V3: 6.5 Severity: MEDIUM |
The patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200 has a memory leak vulnerability. An authenticated attacker could execute special commands many times to leak memory, which would eventually cause the device to reset. Multiple Huawei products contain a resource management vulnerability. The affected system may be put into a denial-of-service (DoS) state. Huawei NIP6300 and the others are all products of China's Huawei. Huawei NIP6300 is an intrusion prevention device. Secospace USG6300 is a firewall device. The following products and versions are affected: Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200; NIP6600 V500R001C20SPC100, V500R001C20SPC200; Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200; Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200.
VAR-201710-0947 | CVE-2017-2131 | Home unit KX-HJB1000 contains multiple vulnerabilities |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: Medium |
Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to bypass access restrictions to view the configuration menu via unspecified vectors. Home unit KX-HJB1000 provided by Panasonic Corporation is a control system for home network. Home unit KX-HJB1000 contains multiple vulnerabilities listed below. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
* A user with access to the affected product may view the configuration menu - CVE-2017-2131
* A user with access to the affected product may delete arbitrary files in the specific directory - CVE-2017-2132
* A user who can log in to the affected product may obtain or alter information on the product - CVE-2017-2133
Panasonic KX-HJB1000 Home unit devices is a network camera from Matsushita Electric Industrial Co., Ltd. of Japan. Panasonic Home Unit KX-HJB1000 has an access bypass vulnerability.
VAR-201710-0949 | CVE-2017-2133 | Home unit KX-HJB1000 contains multiple vulnerabilities |
CVSS V2: 6.5 CVSS V3: 8.8 Severity: Medium |
SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. Home unit KX-HJB1000 provided by Panasonic Corporation is a control system for home network. Home unit KX-HJB1000 contains multiple vulnerabilities listed below. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
* A user with access to the affected product may view the configuration menu - CVE-2017-2131
* A user with access to the affected product may delete arbitrary files in the specific directory - CVE-2017-2132
* A user who can log in to the affected product may obtain or alter information on the product - CVE-2017-2133
Panasonic KX-HJB1000 Home unit devices is a network camera from Matsushita Electric Industrial Co., Ltd. of Japan. There is a SQL injection vulnerability in Home unit KX-HJB1000.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
VAR-201710-0748 | CVE-2017-10099 | Firmware vulnerabilities in multiple SPARC based Servers products of Oracle Sun Systems Products Suite |
CVSS V2: 4.9 CVSS V3: 4.4 Severity: MEDIUM |
Vulnerability in the SPARC M7, T7, S7 based Servers component of Oracle Sun Systems Products Suite (subcomponent: Firmware). The supported version that is affected is Prior to 9.7.6.b. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where SPARC M7, T7, S7 based Servers executes to compromise SPARC M7, T7, S7 based Servers. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of SPARC M7, T7, S7 based Servers. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Oracle Sun Systems Products Suite is a Sun system product suite of Oracle Corporation. Attackers can exploit this vulnerability to cause denial of service (component hang and frequent crashes), affecting data availability
VAR-201710-0749 | CVE-2017-10194 | System Management vulnerabilities in Oracle Integrated Lights Out Manager of Oracle Sun Systems Products Suite |
CVSS V2: 4.0 CVSS V3: 2.7 Severity: LOW |
Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Integrated Lights Out Manager (ILOM) accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).
The vulnerability can be exploited over the 'HTTP' protocol. Attackers can take advantage of this vulnerability to read data without authorization, affecting the confidentiality of data
VAR-201710-0772 | CVE-2017-10260 | System Management vulnerabilities in Oracle Integrated Lights Out Manager of Oracle Sun Systems Products Suite |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
The vulnerability can be exploited over the 'HTTP' protocol. Attackers can exploit this vulnerability to cause denial of service (component hang and frequent crashes), affecting data availability