cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-20394,https://securityvulnerability.io/vulnerability/CVE-2024-20394,Unauthenticated Local Attackers Can Cause Denial of Service on Cisco AppDynamics Network Visibility Agent,"A vulnerability in Cisco AppDynamics Network Visibility Agent could allow an unauthenticated, local attacker to cause a denial of service (DoS) condition on an affected device.
 This vulnerability is due to the inability to handle unexpected input. An attacker who has local device access could exploit this vulnerability by sending an HTTP request to the targeted service. A successful exploit could allow the attacker to cause a DoS condition by stopping the Network Agent Service on the local device.",Cisco,Cisco Appdynamics,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-05-15T17:21:46.986Z,0
CVE-2024-20345,https://securityvulnerability.io/vulnerability/CVE-2024-20345,Cisco AppDynamics Controller Vulnerability Could Lead to Directory Traversal Attacks,"A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. 
 This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to access sensitive data on an affected device.",Cisco,Cisco Appdynamics,6.5,MEDIUM,0.0004400000034365803,false,,false,false,true,2024-11-05T19:15:09.000Z,,false,false,,2024-03-06T16:33:48.826Z,0
CVE-2024-20346,https://securityvulnerability.io/vulnerability/CVE-2024-20346,Cisco AppDynamics Controller Vulnerability Could Lead to Reflected XSS Attacks,"A vulnerability in the web-based management interface of Cisco AppDynamics Controller could allow an authenticated, remote attacker to perform a reflected cross-site scripting (XSS) attack against a user of the interface of an affected device.
 This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.",Cisco,Cisco Appdynamics,5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-06T16:33:26.815Z,0
CVE-2023-20274,https://securityvulnerability.io/vulnerability/CVE-2023-20274,Privilege Escalation Vulnerability in Cisco AppDynamics PHP Agent,"A vulnerability found in the installer script of the Cisco AppDynamics PHP Agent could potentially allow an authenticated, local attacker to gain higher privileges on the affected system. The issue arises from inadequate permissions set by the PHP Agent installer, permitting the modification of objects within the installation directory. An attacker capitalizing on this vulnerability could execute those modified objects with elevated privileges, enabling them to escalate to root access on the device.",Cisco,Cisco Appdynamics,7.8,HIGH,0.0004199999966658652,false,,false,false,true,2024-08-29T21:15:04.000Z,,false,false,,2023-11-21T19:15:00.000Z,0
CVE-2022-20736,https://securityvulnerability.io/vulnerability/CVE-2022-20736,Cisco AppDynamics Controller Authorization Bypass Vulnerability,"A vulnerability in the web-based management interface of Cisco AppDynamics Controller Software could allow an unauthenticated, remote attacker to access a configuration file and the login page for an administrative console that they would not normally have authorization to access. This vulnerability is due to improper authorization checking for HTTP requests that are submitted to the affected web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected instance of AppDynamics Controller. A successful exploit could allow the attacker to access the login page for an administrative console. AppDynamics has released software updates that address this vulnerability.",Cisco,Cisco Appdynamics,5.3,MEDIUM,0.0006500000017695129,false,,false,false,true,2024-08-03T03:15:39.000Z,,false,false,,2022-06-15T00:00:00.000Z,0
CVE-2018-0225,https://securityvulnerability.io/vulnerability/CVE-2018-0225,,"The Enterprise Console in Cisco AppDynamics App iQ Platform before 4.4.3.10598 (HF4) allows SQL injection, aka the Security Advisory 2089 issue.",Cisco,Cisco Appdynamics App Iq Platform Before 4.4.3.10598 (hf4) Unknown,9.8,CRITICAL,0.0013800000306218863,false,,false,false,false,,,false,false,,2018-06-08T20:00:00.000Z,0