VARIoT IoT vulnerabilities database
VAR-201607-0174 | CVE-2016-3585 | Oracle Sun Systems Products Suite of ILOM In Emulex Vulnerabilities |
CVSS V2: 5.8 CVSS V3: 7.4 Severity: HIGH |
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality and integrity via vectors related to Emulex. Oracle has released advance notification regarding the July 2016 Critical Patch Update (CPU) to be released on July 19, 2016. The update addresses 276 vulnerabilities affecting the following software:
Oracle Application Express
Oracle Database Server
Oracle Access Manager
Oracle BI Publisher
Oracle Business Intelligence Enterprise Edition
Oracle Directory Server Enterprise Edition
Oracle Exalogic Infrastructure
Oracle Fusion Middleware
Oracle GlassFish Server
Oracle HTTP Server
Oracle JDeveloper
Oracle Portal
Oracle WebCenter Sites
Oracle WebLogic Server
Outside In Technology
Hyperion Financial Reporting
Enterprise Manager Base Platform
Enterprise Manager for Fusion Middleware
Enterprise Manager Ops Center
Oracle E-Business Suite
Oracle Agile Engineering Data Management
Oracle Agile PLM
Oracle Demand Planning
Oracle Engineering Data Management
Oracle Transportation Management
PeopleSoft Enterprise FSCM
PeopleSoft Enterprise PeopleTools
JD Edwards EnterpriseOne Tools
Siebel Applications
Oracle Fusion Applications
Oracle Communications ASAP
Oracle Communications Core Session Manager
Oracle Communications EAGLE Application Processor
Oracle Communications Messaging Server
Oracle Communications Network Charging and Control
Oracle Communications Operations Monitor
Oracle Communications Policy Management
Oracle Communications Session Border Controller
Oracle Communications Unified Session Manager
Oracle Enterprise Communications Broker
Oracle Banking Platform
Oracle Financial Services Lending and Leasing
Oracle FLEXCUBE Direct Banking
Oracle Health Sciences Clinical Development Center
Oracle Health Sciences Information Manager
Oracle Healthcare Analytics Data Integration
Oracle Healthcare Master Person Index
Oracle Documaker
Oracle Insurance Calculation Engine
Oracle Insurance Policy Administration J2EE
Oracle Insurance Rules Palette
MICROS Retail XBRi Loss Prevention
Oracle Retail Central
Oracle Back Office
Oracle Returns Management
Oracle Retail Integration Bus
Oracle Retail Order Broker
Oracle Retail Service Backbone
Oracle Retail Store Inventory Management
Oracle Utilities Framework
Oracle Utilities Network Management System
Oracle Utilities Work and Asset Management
Oracle In-Memory Policy Analytics
Oracle Policy Automation
Oracle Policy Automation Connector for Siebel
Oracle Policy Automation for Mobile Devices
Primavera Contract Management
Primavera P6 Enterprise Project Portfolio Management
Oracle Java SE
Oracle Java SE Embedded
Oracle JRockit
40G 10G 72/64 Ethernet Switch
Fujitsu M10-1 Servers
Fujitsu M10-4 Servers
Fujitsu M10-4S Servers
ILOM
Oracle Switch ES1-24
Solaris
Solaris Cluster
SPARC Enterprise M3000 Servers
SPARC Enterprise M4000 Servers
SPARC Enterprise M5000 Servers
SPARC Enterprise M8000 Servers
SPARC Enterprise M9000 Servers
Sun Blade 6000 Ethernet Switched NEM 24P 10GE
Sun Data Center InfiniBand Switch 36
Sun Network 10GE Switch 72p
Sun Network QDR InfiniBand Gateway Switch
Oracle Secure Global Desktop
Oracle VM VirtualBox
MySQL Server
Exploiting the most severe of these vulnerabilities may potentially compromise the database server or the host operating system. Oracle Integrated Lights Out Manager is prone to a remote security vulnerability in Integrated Lights Out Manager.
The vulnerability can be exploited over the 'HTTPS' protocol. The 'Emulex' sub component is affected.
This vulnerability affects the following supported versions:
3.0, 3.1, 3.2
VAR-201607-0386 | CVE-2016-4529 | Schneider Electric M171/M172 Logic Controller for SoMachine HVAC Programming of ActiveX Vulnerability in arbitrary code execution in control |
CVSS V2: 7.5 CVSS V3: 7.3 Severity: HIGH |
An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the SetDataIntf method of the AxEditGrid control. The control has an untrusted pointer dereference vulnerability because it blindly calls an attacker-supplied memory address. A remote attacker can leverage this vulnerability to execute arbitrary code under the context of the process. Schneider Electric SoMachine HVAC Programming Software for M171 / M172 Controllers is a set of M171 / M172 controller-specific programming software from Schneider Electric (France). Failed attacks will likely cause denial-of-service conditions
VAR-201607-0457 | CVE-2016-5804 | plural Moxa MGate Vulnerabilities that can bypass product authentication |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value. MoxaMGateMB3180 and others are gateway products of Moxa. A number of Moxa products have security vulnerabilities that originate from weak encryption algorithms used by programs. A remote attacker can exploit this vulnerability to bypass authentication by implementing brute force attacks. This may lead to further attacks.
The following products are affected :
Moxa MGate MB3180, versions prior to v1.8 are vulnerable.
Moxa MGate MB3280, versions prior to v2.7 are vulnerable.
Moxa MGate MB3480, versions prior to v2.6 are vulnerable.
Moxa MGate MB3170, versions prior to v2.5 are vulnerable.
Moxa MGate MB3270, versions prior to v2.7 are vulnerable. Moxa MGate MB3180 etc
VAR-201607-0434 | CVE-2016-1456 | Cisco IOS XR of CLI In a privileged context at OS Command execution vulnerability |
CVSS V2: 7.2 CVSS V3: 7.8 Severity: HIGH |
The CLI in Cisco IOS XR 6.x through 6.0.1 allows local users to execute arbitrary OS commands in a privileged context by leveraging unspecified container access, aka Bug ID CSCuz62721. Cisco IOSXR is a fully modular, distributed networked operating system in the Cisco IOS software family. There is a security vulnerability in the CLI in Cisco IOSXR 6.x to 6.0.1. A local attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges.
This issue is being tracked by Cisco bug ID CSCuz62721
VAR-201607-0429 | CVE-2016-1448 | Cisco WebEx Meetings Server Vulnerable to cross-site request forgery |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.7 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuy92706.
An attacker can exploit this issue to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible.
This issue is being tracked by Cisco Bug ID CSCuy92706. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution
VAR-201607-0427 | CVE-2016-1446 | Cisco WebEx Meetings Server In SQL Injection vulnerability |
CVSS V2: 6.5 CVSS V3: 8.8 Severity: HIGH |
SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuy83200.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This issue is being tracked by Cisco Bug ID CSCuy83200. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution
VAR-201607-0428 | CVE-2016-1447 | Cisco WebEx Meetings Server Management interface cross-site scripting vulnerability |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in the administrator interface in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuy83194. Vendors have confirmed this vulnerability Bug ID CSCuy83194 It is released as.By any third party Web Script or HTML May be inserted.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
This issue is being tracked by Cisco Bug ID CSCuy83194. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution
VAR-201607-0430 | CVE-2016-1449 | Cisco WebEx Meetings Server Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy92711.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
This issue is being tracked by Cisco Bug ID CSCuy92711. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution
VAR-201607-0431 | CVE-2016-1450 | Cisco WebEx Meetings Server Vulnerable to command injection attacks |
CVSS V2: 6.0 CVSS V3: 7.5 Severity: HIGH |
Cisco WebEx Meetings Server 2.6 allows remote authenticated users to conduct command-injection attacks via vectors related to an upload's file type, aka Bug ID CSCuy92715. Cisco WebEx Meetings Server Contains a vulnerability that allows a command injection attack to be executed.
Successfully exploiting this issue may allow an attacker to execute arbitrary commands in context of the affected system.
This issue is being tracked by Cisco bug ID CSCuy92715. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution. A security vulnerability exists in CWMS version 2.6
VAR-201607-0432 | CVE-2016-1451 | Cisco Meeting Server of Web -Based scripting interface cross-site scripting vulnerability |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922.
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible.
The issue is being tracked by Cisco Bug ID CSCva19922.
Cisco Meeting Server 1.7 through 1.9 are vulnerable
VAR-201607-0384 | CVE-2016-4520 | Schneider Electric Pelco Digital Sentry Vulnerability in the access rights of video management system firmware |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Schneider Electric Pelco Digital Sentry Video Management System with firmware before 7.14 has hardcoded credentials, which allows remote attackers to obtain access, and consequently execute arbitrary code, via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. http://cwe.mitre.org/data/definitions/798.htmlA third party could gain access and thus execute arbitrary code.
Attackers can exploit this issue to bypass the authentication mechanism and gain access to the vulnerable device
VAR-201907-1027 | CVE-2016-5236 | F5 WebSafe Alert Server Vulnerable to cross-site scripting |
CVSS V2: 3.5 CVSS V3: 5.4 Severity: MEDIUM |
Cross-Site-Scripting (XSS) vulnerabilities in F5 WebSafe Dashboard 3.9.5 and earlier, aka F5 WebSafe Alert Server, allow privileged authenticated users to inject arbitrary web script or HTML when creating a new user, account or signature. F5 WebSafe Alert Server Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Versions prior to WebSafe Alert Server 3.9.5 are vulnerable. F5 WebSafe is a set of network fraud protection solutions from F5 Corporation of the United States. The solution provides malware and fraud detection, client mobile threat protection, and more. F5 WebSafe Dashboard is one of the dashboard components
VAR-201609-0050 | CVE-2016-6179 | Huawei Honor6 Smartphone software WiFi Service disruption in drivers (DoS) Vulnerabilities |
CVSS V2: 6.9 CVSS V3: 7.0 Severity: HIGH |
The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 before H60-L01C00B850, H60-L11 before H60-L11C00B850, H60-L21 before H60-L21C00B850, H60-L02 before H60-L02C00B850, H60-L12 before H60-L12C00B850, and H60-L03 before H60-L03C01B850 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlDenial of service operations through a specially crafted application by an attacker ( System crash ) It may be put into a state or it may be authorized. HuaweiHonor6 is a smartphone product. Huawei Honor6 Smart Phone is prone to a local privilege-escalation vulnerability. An input validation vulnerability exists in the WiFi driver in Huawei Honor6. The following versions are affected: Huawei Honor6 before H60-L01C00B850, before H60-L11C00B850, before H60-L21C00B850, before H60-L02C00B850, before H60-L12C00B850, before H60-L03C01B850
VAR-201703-0050 | CVE-2016-6206 | Huawei AR3200 Service disruption in router software (DoS) Vulnerabilities |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet. HuaweiAR3200 is an AR3200 series enterprise router product. Huawei AR3200 Routers are prone to a remote code-execution vulnerability. Failed exploit attempts may cause a denial-of-service condition. An input validation vulnerability exists in the Huawei AR3200 router. The following versions are affected: AR3200 V200R001C00 Version, V200R001C01 Version, V200R002C00 Version, V200R002C01 Version, V200R002C02 Version, V200R002C05 Version, V200R003C00 Version, V200R003C01 Version, V200R003C05 Version, V200R005C00 Version, V200R005C10 Version, V200R005C20 Version, V200R005C21 Version, V200R005C30 Version, V200R005C31 Version , version V200R005C32, version V200R006C00, version V200R006C10, version V200R006C11, version V200R006C12, version V200R006C13, version V200R006C15, version V200R006C16, version V200R006C17
VAR-201608-0019 | CVE-2016-6178 | plural Huawei Service disruption in device software (DoS) Vulnerabilities |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Huawei NE40E and CX600 devices with software before V800R007SPH017; PTN 6900-2-M8 devices with software before V800R007SPH019; NE5000E devices with software before V800R006SPH018; and CloudEngine devices 12800 with software before V100R003SPH010 and V100R005 before V100R005SPH006 allow remote attackers with control plane access to cause a denial of service or execute arbitrary code via a crafted packet. HuaweiNE40E is a router product of China Huawei. Multiple Huawei Products are prone to a remote code-execution vulnerability. Failed exploit attempts may cause a denial-of-service condition. Input validation vulnerabilities exist in several Huawei products
VAR-201608-0034 | CVE-2016-6192 | Huawei P8 Smartphone software Wi-Fi Driver buffer overflow vulnerability |
CVSS V2: 9.3 CVSS V3: 7.3 Severity: HIGH |
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6193. HuaweiP8 is a smartphone product from China's Huawei company. A local buffer overflow vulnerability exists in HuaweiP8 that could be exploited by a local attacker to execute arbitrary code in an affected application. Huawei P8 is prone to multiple local buffer-overflow vulnerabilities because it fails to adequate boundary checks on user-supplied input. Failed exploit attempts will likely result in denial-of-service conditions
VAR-201608-0035 | CVE-2016-6193 | Huawei P8 Smartphone software Wi-Fi Driver buffer overflow vulnerability |
CVSS V2: 9.3 CVSS V3: 7.8 Severity: HIGH |
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6192. HuaweiP8 is a smartphone product from China's Huawei company. A local buffer overflow vulnerability exists in HuaweiP8 that could be exploited by a local attacker to execute arbitrary code in an affected application. Huawei P8 is prone to multiple local buffer-overflow vulnerabilities because it fails to adequate boundary checks on user-supplied input. Failed exploit attempts will likely result in denial-of-service conditions
VAR-201607-0420 | CVE-2016-1426 | Cisco NCS 6000 Run on device IOS XR Service disruption in (DoS) Vulnerabilities |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service (timer consumption and Route Processor reload) via crafted SSH traffic, aka Bug ID CSCux76819. The Cisco IOSXRonNCS6000 is a set of operating systems running on 6000 series routers from Cisco. A denial of service vulnerability exists in Cisco IOSXR 5.x through 5.2.5 on the NCS6000 device due to a program failing to properly manage system timer resources. A remote attacker could exploit the vulnerability by sending a large number of SecureShell (SSH) connections to cause a denial of service (timer consumption and RouteProcessor overloading). Cisco IOS XR is prone to a remote denial-of-service vulnerability.
Attackers can exploit this issue to reload the affected device, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCux76819.
Cisco IOS XR for Cisco Network Convergence System 6000 (NCS 6000) is vulnerable
VAR-201607-0433 | CVE-2016-1452 | Cisco ASR 5000 Series Information Disclosure Vulnerability |
CVSS V2: 6.4 CVSS V3: 6.5 Severity: MEDIUM |
Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuration changes over SNMP by leveraging knowledge of the read-write community, aka Bug ID CSCuz29526. Cisco ASR 5000 Device software includes SNMP There are vulnerabilities whose settings can be changed via. Vendors have confirmed this vulnerability Bug ID CSCuz29526 It is released as. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. http://cwe.mitre.org/data/definitions/254.htmlLead by a third party - Light (read-write) By using community information, SNMP Settings may be changed via. The Cisco ASR5000 is the ASR5000 series of multi-function router products from Cisco. An information disclosure vulnerability exists in CiscoASR5000deviceswithsoftware18.3 to 20.0.0. A remote attacker can exploit this vulnerability to change configuration information. Cisco ASR 5000 Series is prone to an information-disclosure vulnerability.
Successful exploits may allow an attacker to obtain sensitive information that may lead to further attacks
VAR-201609-0027 | CVE-2016-1279 | Juniper Junos OS of J-Web Vulnerability in which important information is obtained |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
J-Web in Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X47-D35, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D25, 13.3 before 13.3R10, 13.3R9 before 13.3R9-S1, 14.1 before 14.1R7, 14.1X53 before 14.1X53-D35, 14.2 before 14.2R6, 15.1 before 15.1A2 or 15.1F4, 15.1X49 before 15.1X49-D30, and 15.1R before 15.1R3 might allow remote attackers to obtain sensitive information and consequently gain administrative privileges via unspecified vectors. Juniper Junos is prone to a remote privilege-escalation vulnerability.
An attacker can exploit this vulnerability to gain administrative privileges. Juniper Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware systems. The operating system provides a secure programming interface and Junos SDK. J-Web is one of the network management tools. The following versions are affected: Juniper Junos OS prior to 12.1X46-D45, 12.1X46-D50, 12.1X47 prior to 12.1X47-D35, 12.3 prior to 12.3R12, 12.3X48 prior to 12.3X48-D25, 13.3 13.3 before R10, 13.3R9 before 13.3R9-S1, 14.1 before 14.1R7, 14.1X53 before 14.1X53-D35, 14.2 before 14.2R6, 15.1 before 15.1A2 or 15.1F4, 15.1X49 before 15.1X49-D30, 15.1R before 15.1R3