VARIoT IoT vulnerabilities database

Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality and integrity via vectors related to Emulex. Oracle has released advance notification regarding the July 2016 Critical Patch Update (CPU) to be released on July 19, 2016. The update addresses 276 vulnerabilities affecting the following software: Oracle Application Express Oracle Database Server Oracle Access Manager Oracle BI Publisher Oracle Business Intelligence Enterprise Edition Oracle Directory Server Enterprise Edition Oracle Exalogic Infrastructure Oracle Fusion Middleware Oracle GlassFish Server Oracle HTTP Server Oracle JDeveloper Oracle Portal Oracle WebCenter Sites Oracle WebLogic Server Outside In Technology Hyperion Financial Reporting Enterprise Manager Base Platform Enterprise Manager for Fusion Middleware Enterprise Manager Ops Center Oracle E-Business Suite Oracle Agile Engineering Data Management Oracle Agile PLM Oracle Demand Planning Oracle Engineering Data Management Oracle Transportation Management PeopleSoft Enterprise FSCM PeopleSoft Enterprise PeopleTools JD Edwards EnterpriseOne Tools Siebel Applications Oracle Fusion Applications Oracle Communications ASAP Oracle Communications Core Session Manager Oracle Communications EAGLE Application Processor Oracle Communications Messaging Server Oracle Communications Network Charging and Control Oracle Communications Operations Monitor Oracle Communications Policy Management Oracle Communications Session Border Controller Oracle Communications Unified Session Manager Oracle Enterprise Communications Broker Oracle Banking Platform Oracle Financial Services Lending and Leasing Oracle FLEXCUBE Direct Banking Oracle Health Sciences Clinical Development Center Oracle Health Sciences Information Manager Oracle Healthcare Analytics Data Integration Oracle Healthcare Master Person Index Oracle Documaker Oracle Insurance Calculation Engine Oracle Insurance Policy Administration J2EE Oracle Insurance Rules Palette MICROS Retail XBRi Loss Prevention Oracle Retail Central Oracle Back Office Oracle Returns Management Oracle Retail Integration Bus Oracle Retail Order Broker Oracle Retail Service Backbone Oracle Retail Store Inventory Management Oracle Utilities Framework Oracle Utilities Network Management System Oracle Utilities Work and Asset Management Oracle In-Memory Policy Analytics Oracle Policy Automation Oracle Policy Automation Connector for Siebel Oracle Policy Automation for Mobile Devices Primavera Contract Management Primavera P6 Enterprise Project Portfolio Management Oracle Java SE Oracle Java SE Embedded Oracle JRockit 40G 10G 72/64 Ethernet Switch Fujitsu M10-1 Servers Fujitsu M10-4 Servers Fujitsu M10-4S Servers ILOM Oracle Switch ES1-24 Solaris Solaris Cluster SPARC Enterprise M3000 Servers SPARC Enterprise M4000 Servers SPARC Enterprise M5000 Servers SPARC Enterprise M8000 Servers SPARC Enterprise M9000 Servers Sun Blade 6000 Ethernet Switched NEM 24P 10GE Sun Data Center InfiniBand Switch 36 Sun Network 10GE Switch 72p Sun Network QDR InfiniBand Gateway Switch Oracle Secure Global Desktop Oracle VM VirtualBox MySQL Server Exploiting the most severe of these vulnerabilities may potentially compromise the database server or the host operating system. Oracle Integrated Lights Out Manager is prone to a remote security vulnerability in Integrated Lights Out Manager. The vulnerability can be exploited over the 'HTTPS' protocol. The 'Emulex' sub component is affected. This vulnerability affects the following supported versions: 3.0, 3.1, 3.2

An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the SetDataIntf method of the AxEditGrid control. The control has an untrusted pointer dereference vulnerability because it blindly calls an attacker-supplied memory address. A remote attacker can leverage this vulnerability to execute arbitrary code under the context of the process. Schneider Electric SoMachine HVAC Programming Software for M171 / M172 Controllers is a set of M171 / M172 controller-specific programming software from Schneider Electric (France). Failed attacks will likely cause denial-of-service conditions

Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value. MoxaMGateMB3180 and others are gateway products of Moxa. A number of Moxa products have security vulnerabilities that originate from weak encryption algorithms used by programs. A remote attacker can exploit this vulnerability to bypass authentication by implementing brute force attacks. This may lead to further attacks. The following products are affected : Moxa MGate MB3180, versions prior to v1.8 are vulnerable. Moxa MGate MB3280, versions prior to v2.7 are vulnerable. Moxa MGate MB3480, versions prior to v2.6 are vulnerable. Moxa MGate MB3170, versions prior to v2.5 are vulnerable. Moxa MGate MB3270, versions prior to v2.7 are vulnerable. Moxa MGate MB3180 etc

The CLI in Cisco IOS XR 6.x through 6.0.1 allows local users to execute arbitrary OS commands in a privileged context by leveraging unspecified container access, aka Bug ID CSCuz62721. Cisco IOSXR is a fully modular, distributed networked operating system in the Cisco IOS software family. There is a security vulnerability in the CLI in Cisco IOSXR 6.x to 6.0.1. A local attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges. This issue is being tracked by Cisco bug ID CSCuz62721

Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.7 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuy92706. An attacker can exploit this issue to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. This issue is being tracked by Cisco Bug ID CSCuy92706. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution

SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuy83200. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. This issue is being tracked by Cisco Bug ID CSCuy83200. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution

Cross-site scripting (XSS) vulnerability in the administrator interface in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuy83194. Vendors have confirmed this vulnerability Bug ID CSCuy83194 It is released as.By any third party Web Script or HTML May be inserted. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCuy83194. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution

Cross-site scripting (XSS) vulnerability in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy92711. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCuy92711. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution

Cisco WebEx Meetings Server 2.6 allows remote authenticated users to conduct command-injection attacks via vectors related to an upload's file type, aka Bug ID CSCuy92715. Cisco WebEx Meetings Server Contains a vulnerability that allows a command injection attack to be executed. Successfully exploiting this issue may allow an attacker to execute arbitrary commands in context of the affected system. This issue is being tracked by Cisco bug ID CSCuy92715. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution. A security vulnerability exists in CWMS version 2.6

Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. The issue is being tracked by Cisco Bug ID CSCva19922. Cisco Meeting Server 1.7 through 1.9 are vulnerable

Schneider Electric Pelco Digital Sentry Video Management System with firmware before 7.14 has hardcoded credentials, which allows remote attackers to obtain access, and consequently execute arbitrary code, via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. http://cwe.mitre.org/data/definitions/798.htmlA third party could gain access and thus execute arbitrary code. Attackers can exploit this issue to bypass the authentication mechanism and gain access to the vulnerable device

Cross-Site-Scripting (XSS) vulnerabilities in F5 WebSafe Dashboard 3.9.5 and earlier, aka F5 WebSafe Alert Server, allow privileged authenticated users to inject arbitrary web script or HTML when creating a new user, account or signature. F5 WebSafe Alert Server Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Versions prior to WebSafe Alert Server 3.9.5 are vulnerable. F5 WebSafe is a set of network fraud protection solutions from F5 Corporation of the United States. The solution provides malware and fraud detection, client mobile threat protection, and more. F5 WebSafe Dashboard is one of the dashboard components

The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 before H60-L01C00B850, H60-L11 before H60-L11C00B850, H60-L21 before H60-L21C00B850, H60-L02 before H60-L02C00B850, H60-L12 before H60-L12C00B850, and H60-L03 before H60-L03C01B850 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlDenial of service operations through a specially crafted application by an attacker ( System crash ) It may be put into a state or it may be authorized. HuaweiHonor6 is a smartphone product. Huawei Honor6 Smart Phone is prone to a local privilege-escalation vulnerability. An input validation vulnerability exists in the WiFi driver in Huawei Honor6. The following versions are affected: Huawei Honor6 before H60-L01C00B850, before H60-L11C00B850, before H60-L21C00B850, before H60-L02C00B850, before H60-L12C00B850, before H60-L03C01B850

Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet. HuaweiAR3200 is an AR3200 series enterprise router product. Huawei AR3200 Routers are prone to a remote code-execution vulnerability. Failed exploit attempts may cause a denial-of-service condition. An input validation vulnerability exists in the Huawei AR3200 router. The following versions are affected: AR3200 V200R001C00 Version, V200R001C01 Version, V200R002C00 Version, V200R002C01 Version, V200R002C02 Version, V200R002C05 Version, V200R003C00 Version, V200R003C01 Version, V200R003C05 Version, V200R005C00 Version, V200R005C10 Version, V200R005C20 Version, V200R005C21 Version, V200R005C30 Version, V200R005C31 Version , version V200R005C32, version V200R006C00, version V200R006C10, version V200R006C11, version V200R006C12, version V200R006C13, version V200R006C15, version V200R006C16, version V200R006C17

Huawei NE40E and CX600 devices with software before V800R007SPH017; PTN 6900-2-M8 devices with software before V800R007SPH019; NE5000E devices with software before V800R006SPH018; and CloudEngine devices 12800 with software before V100R003SPH010 and V100R005 before V100R005SPH006 allow remote attackers with control plane access to cause a denial of service or execute arbitrary code via a crafted packet. HuaweiNE40E is a router product of China Huawei. Multiple Huawei Products are prone to a remote code-execution vulnerability. Failed exploit attempts may cause a denial-of-service condition. Input validation vulnerabilities exist in several Huawei products

Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6193. HuaweiP8 is a smartphone product from China's Huawei company. A local buffer overflow vulnerability exists in HuaweiP8 that could be exploited by a local attacker to execute arbitrary code in an affected application. Huawei P8 is prone to multiple local buffer-overflow vulnerabilities because it fails to adequate boundary checks on user-supplied input. Failed exploit attempts will likely result in denial-of-service conditions

Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6192. HuaweiP8 is a smartphone product from China's Huawei company. A local buffer overflow vulnerability exists in HuaweiP8 that could be exploited by a local attacker to execute arbitrary code in an affected application. Huawei P8 is prone to multiple local buffer-overflow vulnerabilities because it fails to adequate boundary checks on user-supplied input. Failed exploit attempts will likely result in denial-of-service conditions

Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service (timer consumption and Route Processor reload) via crafted SSH traffic, aka Bug ID CSCux76819. The Cisco IOSXRonNCS6000 is a set of operating systems running on 6000 series routers from Cisco. A denial of service vulnerability exists in Cisco IOSXR 5.x through 5.2.5 on the NCS6000 device due to a program failing to properly manage system timer resources. A remote attacker could exploit the vulnerability by sending a large number of SecureShell (SSH) connections to cause a denial of service (timer consumption and RouteProcessor overloading). Cisco IOS XR is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to reload the affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCux76819. Cisco IOS XR for Cisco Network Convergence System 6000 (NCS 6000) is vulnerable

Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuration changes over SNMP by leveraging knowledge of the read-write community, aka Bug ID CSCuz29526. Cisco ASR 5000 Device software includes SNMP There are vulnerabilities whose settings can be changed via. Vendors have confirmed this vulnerability Bug ID CSCuz29526 It is released as. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. http://cwe.mitre.org/data/definitions/254.htmlLead by a third party - Light (read-write) By using community information, SNMP Settings may be changed via. The Cisco ASR5000 is the ASR5000 series of multi-function router products from Cisco. An information disclosure vulnerability exists in CiscoASR5000deviceswithsoftware18.3 to 20.0.0. A remote attacker can exploit this vulnerability to change configuration information. Cisco ASR 5000 Series is prone to an information-disclosure vulnerability. Successful exploits may allow an attacker to obtain sensitive information that may lead to further attacks

J-Web in Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X47-D35, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D25, 13.3 before 13.3R10, 13.3R9 before 13.3R9-S1, 14.1 before 14.1R7, 14.1X53 before 14.1X53-D35, 14.2 before 14.2R6, 15.1 before 15.1A2 or 15.1F4, 15.1X49 before 15.1X49-D30, and 15.1R before 15.1R3 might allow remote attackers to obtain sensitive information and consequently gain administrative privileges via unspecified vectors. Juniper Junos is prone to a remote privilege-escalation vulnerability. An attacker can exploit this vulnerability to gain administrative privileges. Juniper Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware systems. The operating system provides a secure programming interface and Junos SDK. J-Web is one of the network management tools. The following versions are affected: Juniper Junos OS prior to 12.1X46-D45, 12.1X46-D50, 12.1X47 prior to 12.1X47-D35, 12.3 prior to 12.3R12, 12.3X48 prior to 12.3X48-D25, 13.3 13.3 before R10, 13.3R9 before 13.3R9-S1, 14.1 before 14.1R7, 14.1X53 before 14.1X53-D35, 14.2 before 14.2R6, 15.1 before 15.1A2 or 15.1F4, 15.1X49 before 15.1X49-D30, 15.1R before 15.1R3