cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-20655,https://securityvulnerability.io/vulnerability/CVE-2022-20655,Command Injection Vulnerability in ConfD Could Allow Authenticated Attacker to Execute Arbitrary Commands with Root Privileges,"An issue within the command line interface (CLI) implementation in Cisco's ConfD can allow authenticated, local attackers to conduct command injection attacks. This vulnerability stems from insufficient validation of process arguments, enabling an attacker to inject malicious commands during execution. Successfully exploiting this vulnerability can lead to the execution of arbitrary commands on the underlying operating system with the same privileges as ConfD, often equivalent to root access, thereby posing severe risks to system security and integrity.",Cisco,"Cisco iOS Xr Software,Cisco Virtual Topology System (vts),Cisco Network Services Orchestrator,Cisco Enterprise Nfv Infrastructure Software,Cisco Catalyst Sd-wan,Cisco Catalyst Sd-wan Manager,Cisco iOS Xe Catalyst Sd-wan,Cisco Sd-wan Vedge Router,Cisco Ultra Gateway Platform,Cisco Carrier Packet Transport",8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-15T15:56:42.927Z,0
CVE-2024-20381,https://securityvulnerability.io/vulnerability/CVE-2024-20381,Cisco ConfD JSON-RPC API Vulnerability Could Allow Remote Authenticated Attacker to Modify Configuration,"A vulnerability exists in the JSON-RPC API feature of Cisco's Crosswork Network Services Orchestrator and ConfD, utilized by the management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers. This vulnerability arises from improper authorization checks, allowing an authenticated remote attacker to exploit the API by sending malicious requests. A successful attack may enable the attacker to modify the configurations of affected applications or devices, potentially leading to unauthorized changes such as creating new user accounts or elevating privileges within the system.",Cisco,"Cisco iOS Xr Software,Cisco Network Services Orchestrator,Cisco Small Business Rv Series Router Firmware",8.8,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-09-11T16:38:42.096Z,0
CVE-2017-12345,https://securityvulnerability.io/vulnerability/CVE-2017-12345,,"Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. Cisco Bug IDs: CSCvf40477, CSCvf63150, CSCvf68218, CSCvf68235, CSCvf68247.",Cisco,Cisco Data Center Network Manager Software,4.7,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2017-11-30T09:00:00.000Z,0
CVE-2017-12343,https://securityvulnerability.io/vulnerability/CVE-2017-12343,,"Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. Cisco Bug IDs: CSCvf40477, CSCvf63150, CSCvf68218, CSCvf68235, CSCvf68247.",Cisco,Cisco Data Center Network Manager Software,8.8,HIGH,0.001129999989643693,false,,false,false,false,,,false,false,,2017-11-30T09:00:00.000Z,0
CVE-2017-12344,https://securityvulnerability.io/vulnerability/CVE-2017-12344,,"Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. Cisco Bug IDs: CSCvf40477, CSCvf63150, CSCvf68218, CSCvf68235, CSCvf68247.",Cisco,Cisco Data Center Network Manager Software,6.1,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2017-11-30T09:00:00.000Z,0
CVE-2017-12346,https://securityvulnerability.io/vulnerability/CVE-2017-12346,,"Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. Cisco Bug IDs: CSCvf40477, CSCvf63150, CSCvf68218, CSCvf68235, CSCvf68247.",Cisco,Cisco Data Center Network Manager Software,6.1,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2017-11-30T09:00:00.000Z,0
CVE-2017-12347,https://securityvulnerability.io/vulnerability/CVE-2017-12347,,"Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. Cisco Bug IDs: CSCvf40477, CSCvf63150, CSCvf68218, CSCvf68235, CSCvf68247.",Cisco,Cisco Data Center Network Manager Software,6.1,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2017-11-30T09:00:00.000Z,0
CVE-2005-0600,https://securityvulnerability.io/vulnerability/CVE-2005-0600,,"Cisco devices running Application and Content Networking System (ACNS) 5.0, 5.1 before 5.1.13.7, or 5.2 before 5.2.3.9 allow remote attackers to cause a denial of service (bandwidth consumption) via ""crafted IP packets"" that are continuously forwarded.",Cisco,"Content Distribution Manager 4650,Application And Content Networking Software,Content Engine,Content Delivery Manager,Content Distribution Manager 4630,Content Router 4450,Content Engine Module For Cisco Router,Content Router 4430,Content Distribution Manager 4670,Enterprise Content Delivery Network Software",,,0.006490000057965517,false,,false,false,false,,,false,false,,2005-02-24T05:00:00.000Z,0
CVE-2005-0598,https://securityvulnerability.io/vulnerability/CVE-2005-0598,,The RealServer RealSubscriber on Cisco devices running Application and Content Networking System (ACNS) 5.1 allow remote attackers to cause a denial of service (CPU consumption) via malformed packets.,Cisco,"Content Distribution Manager 4650,Application And Content Networking Software,Content Engine,Content Delivery Manager,Content Distribution Manager 4630,Content Router 4450,Content Engine Module For Cisco Router,Content Router 4430,Content Distribution Manager 4670,Enterprise Content Delivery Network Software",,,0.014069999568164349,false,,false,false,false,,,false,false,,2005-02-24T05:00:00.000Z,0