VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202204-1029 CVE-2022-20761 Cisco 1000  series  Connected Grid Router  Input verification vulnerability in CVSS V2: 6.1
CVSS V3: 6.5
Severity: MEDIUM
A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the integrated AP to stop processing traffic, resulting in a DoS condition. It may be necessary to manually reload the CGR1K to restore AP operation. Cisco 1000 series Connected Grid Router (CGR1K) There is an input validation vulnerability in.Service operation interruption (DoS) It may be in a state
VAR-202204-1507 CVE-2022-22193 Juniper Networks Junos OS and Junos OS Evolved Security hole CVSS V2: 4.7
CVSS V3: 5.5
Severity: MEDIUM
An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). Continued execution of this command might cause a sustained Denial of Service condition. If BGP rib sharding is configured and a certain CLI command is executed the rpd process can crash. During the rpd crash and restart, the routing protocols might be impacted and traffic disruption might be seen due to the loss of routing information. This issue affects: Juniper Networks Junos OS 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 20.3R1. Juniper Networks Junos OS Evolved versions prior to 20.3R1-EVO. Juniper Networks Junos..
VAR-202204-1617 CVE-2022-27007 nginx njs  Vulnerability in using free memory in CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
nginx njs 0.7.2 is affected suffers from Use-after-free in njs_function_frame_alloc() when it try to invoke from a restored frame saved with njs_function_frame_save(). nginx njs Exists in a vulnerability related to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202204-0257 CVE-2022-26507 AT&T Labs Xmill Buffer error vulnerability CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
** UNSUPPORTED WHEN ASSIGNED ** A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828, CVE-2021-21829, or CVE-2021-21830. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
VAR-202204-1570 CVE-2022-22195 Juniper Networks Junos OS Evolved Security hole CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S1-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS
VAR-202204-0581 CVE-2022-22182 Juniper Networks Junos OS Cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
A Cross-site Scripting (XSS) vulnerability in Juniper Networks Junos OS J-Web allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's permissions, including an administrator. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S10, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S6; 19.2 versions prior to 19.2R1-S8, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2; 21.2 versions prior to 21.2R1-S1, 21.2R2
VAR-202204-0646 CVE-2022-22189 Juniper Networks  Contrail Service Orchestration  Vulnerability in CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration (CSO) allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects: Juniper Networks Contrail Service Orchestration 6.0.0 versions prior to 6.0.0 Patch v3 on On-premises installations. This issue does not affect Juniper Networks Contrail Service Orchestration On-premises versions prior to 6.0.0. (DoS) It may be in a state
VAR-202204-0645 CVE-2022-22181 Juniper Networks Junos OS Cross-site scripting vulnerability CVSS V2: 3.5
CVSS V3: 5.4
Severity: MEDIUM
A reflected Cross-site Scripting (XSS) vulnerability in J-Web of Juniper Networks Junos OS allows a network-based authenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web. This may allow the attacker to gain control of the device or attack other authenticated user sessions. This issue affects: Juniper Networks Junos OS All versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2
VAR-202204-0853 CVE-2022-22197 Juniper Networks Junos OS and Junos OS Evolved Security hole CVSS V2: 4.3
CVSS V3: 7.5
Severity: HIGH
An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service (DoS). This issue occurs when proxy-generate route-target filtering is enabled, and certain proxy-route add and delete events are happening. This issue affects: Juniper Networks Junos OS All versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2; 20.3 versions prior to 20.3R1-S2, 20.3R2. Juniper Networks Junos OS Evolved All versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO
VAR-202204-0228 CVE-2022-27179 Red Lion Controls, Inc.  of  da50n  Insufficient Credential Protection Vulnerability in Firmware CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. If the same passwords were used for other resources, further such assets may be compromised. Red Lion Controls, Inc. of da50n A firmware vulnerability related to insufficient protection of credentials exists.Information may be obtained
VAR-202204-1505 CVE-2022-22183 Juniper Networks  Junos OS Evolved  Vulnerability in CVSS V2: 7.8
CVSS V3: 7.5
Severity: HIGH
An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-S2-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO; 21.4 versions prior to 21.4R2-EVO. This issue does not affect Junos OS. Juniper Networks Junos OS Evolved Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state
VAR-202204-0862 CVE-2022-20695 Cisco Wireless LAN Controller Software  Authentication vulnerability in CVSS V2: 9.3
CVSS V3: 10.0
Severity: CRITICAL
A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to bypass authentication controls and log in to the device through the management interface This vulnerability is due to the improper implementation of the password validation algorithm. An attacker could exploit this vulnerability by logging in to an affected device with crafted credentials. A successful exploit could allow the attacker to bypass authentication and log in to the device as an administrator. The attacker could obtain privileges that are the same level as an administrative user but it depends on the crafted credentials. Note: This vulnerability exists because of a non-default device configuration that must be present for it to be exploitable. For details about the vulnerable configuration, see the Vulnerable Products section of this advisory. (DoS) It may be in a state. Cisco Wireless LAN Controller (WLC) is a wireless LAN controller product of Cisco (Cisco). The product provides security policy, intrusion detection and other functions in the wireless local area network
VAR-202204-1189 CVE-2022-20684 Catalyst 9000  for family  Cisco IOS XE Wireless Controller  Input validation vulnerability in software CVSS V2: 6.1
CVSS V3: 6.5
Severity: MEDIUM
A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. This vulnerability is due to a lack of input validation of the information used to generate an SNMP trap related to a wireless client connection event. An attacker could exploit this vulnerability by sending an 802.1x packet with crafted parameters during the wireless authentication setup phase of a connection. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition
VAR-202204-0866 CVE-2022-28217 SAP  of  SAP NetWeaver  Server-side request forgery vulnerability in CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parking at endpoints, and a possibility to conduct SSRF attacks that could compromise system�s Availability by causing system to crash. SAP of SAP NetWeaver Contains a server-side request forgery vulnerability.Service operation interruption (DoS) It may be in a state
VAR-202204-0266 CVE-2022-20725 Cisco IOx  Cross-site scripting vulnerabilities in application hosting environments CVSS V2: 3.5
CVSS V3: 4.8
Severity: MEDIUM
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. Cisco IOx A cross-site scripting vulnerability exists in your application hosting environment.Information may be obtained and information may be tampered with
VAR-202204-0269 CVE-2022-20726 Cisco Iox Security hole CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. Cisco Iox is a secure development environment from Cisco (Cisco) that combines Cisco IOS and Linux OS for secure network connection and development of IOT applications. A security vulnerability exists in the Cisco Iox application hosting environment that stems from insufficient error handling of socket operations. An attacker could exploit the vulnerability by sending a sustained rate of compressed TCP traffic to the IOx web server on an affected device. Successful exploitation of this vulnerability could allow an attacker to cause the IOx web server to stop processing requests, resulting in a DoS situation. The following products and versions are affected: Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway
VAR-202204-1039 CVE-2022-20676 Cisco IOS XE  Input validation vulnerability in software CVSS V2: 7.2
CVSS V3: 6.7
Severity: MEDIUM
A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root-level privileges. This vulnerability is due to insufficient input validation of data that is passed into the Tcl interpreter. An attacker could exploit this vulnerability by loading malicious Tcl code on an affected device. A successful exploit could allow the attacker to execute arbitrary commands as root. By default, Tcl shell access requires privilege level 15. Cisco IOS XE The software contains an input validation vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco IOS XE is an operating system developed by Cisco for its network equipment
VAR-202204-0949 CVE-2022-20716 Cisco SD-WAN Software  Vulnerability in CVSS V2: 7.2
CVSS V3: 7.8
Severity: HIGH
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vulnerability by modifying certain files on the vulnerable device. If successful, the attacker could gain escalated privileges and take actions on the system with the privileges of the root user. Cisco SD-WAN Software Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202204-1361 CVE-2022-20717 Cisco SD-WAN vEdge Router  Vulnerability in resource allocation without restrictions or throttling in CVSS V2: 4.9
CVSS V3: 5.5
Severity: MEDIUM
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device receives large amounts of traffic. An attacker could exploit this vulnerability by sending malicious traffic to an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition. Cisco SD-WAN vEdge Router Exists in a vulnerability in resource allocation without restrictions or throttling.Service operation interruption (DoS) It may be in a state
VAR-202204-1620 CVE-2022-20677 Cisco IOS XE Encryption problem vulnerability CVSS V2: 7.2
CVSS V3: 6.7
Severity: MEDIUM
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory