cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-20246,https://securityvulnerability.io/vulnerability/CVE-2023-20246,Access Control Bypass Vulnerability in Cisco Products,"A vulnerability exists in Cisco's Snort access control policies that can be exploited by an unauthenticated remote attacker. This flaw results from a logic error during the population of access control policies, allowing the attacker to bypass existing rules configured on affected Cisco devices. By establishing a connection to these devices, an attacker could effectively circumvent security measures in place, posing a significant risk to network integrity and data protection.",Cisco,"Cisco Firepower Threat Defense Software,Cisco Umbrella Insights Virtual Appliance",5.8,MEDIUM,0.0008900000248104334,false,,false,false,true,2024-09-06T17:15:03.000Z,,false,false,,2023-11-01T18:15:00.000Z,0
CVE-2023-20071,https://securityvulnerability.io/vulnerability/CVE-2023-20071,Vulnerability in Snort Detection Engine Affects Cisco Products,"A vulnerability exists within the FTP module of Cisco's Snort detection engine, which enables unauthenticated, remote attackers to potentially bypass established security policies on affected systems. By sending specifically crafted FTP traffic, attackers can exploit this flaw to evade FTP inspections and potentially deliver malicious payloads. This poses a significant risk to network integrity, allowing unauthorized access and potentially harmful activities.",Cisco,"Cisco Firepower Threat Defense Software,Cisco Umbrella Insights Virtual Appliance,Cisco Cyber Vision,Cisco UTD SNORT IPS Engine Software",5.8,MEDIUM,0.0009500000160187483,false,,false,false,false,,,false,false,,2023-11-01T18:15:00.000Z,0
CVE-2022-20922,https://securityvulnerability.io/vulnerability/CVE-2022-20922,Multiple Vulnerabilities in Cisco's Snort Detection Engine Affecting SMB2 Traffic,"Multiple vulnerabilities within the Server Message Block Version 2 (SMB2) processing capabilities of Cisco's Snort detection engine could be exploited by an unauthenticated remote attacker. By sending a high volume of specific SMB2 packets, attackers can disrupt the service by forcing the Snort process to reload, leading to a denial of service (DoS) condition. Furthermore, if the Snort preserve-connection option is enabled—default for Snort 3—attackers may also bypass existing security policies, allowing malicious payloads to infiltrate the protected network.",Cisco,"Cisco Firepower Threat Defense Software,Cisco Umbrella Insights Virtual Appliance,Cisco Cyber Vision",5.8,MEDIUM,0.001290000043809414,false,,false,false,true,2024-08-03T03:15:47.000Z,,false,false,,2022-11-15T21:15:00.000Z,0
CVE-2022-20805,https://securityvulnerability.io/vulnerability/CVE-2022-20805,Cisco Umbrella Secure Web Gateway File Decryption Bypass Vulnerability,"A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG) could allow an authenticated, adjacent attacker to bypass the SSL decryption and content filtering policies on an affected system. This vulnerability is due to how the decryption function uses the TLS Server Name Indication (SNI) extension of an HTTP request to discover the destination domain and determine if the request needs to be decrypted. An attacker could exploit this vulnerability by sending a crafted request over TLS from a client to an unknown or controlled URL. A successful exploit could allow an attacker to bypass the decryption process of Cisco Umbrella SWG and allow malicious content to be downloaded to a host on a protected network. There are workarounds that address this vulnerability.",Cisco,Cisco Umbrella Insights Virtual Appliance,4.1,MEDIUM,0.0004400000034365803,false,,false,false,true,2024-08-03T03:15:42.000Z,,false,false,,2022-04-21T19:15:00.000Z,0
CVE-2022-20773,https://securityvulnerability.io/vulnerability/CVE-2022-20773,Cisco Umbrella Virtual Appliance Static SSH Host Key Vulnerability,"A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a man-in-the-middle attack on an SSH connection to the Umbrella VA. A successful exploit could allow the attacker to learn the administrator credentials, change configurations, or reload the VA. Note: SSH is not enabled by default on the Umbrella VA.",Cisco,Cisco Umbrella Insights Virtual Appliance,7.5,HIGH,0.002050000010058284,false,,false,false,true,2024-08-03T03:15:40.000Z,,false,false,,2022-04-21T19:15:00.000Z,0
CVE-2022-20738,https://securityvulnerability.io/vulnerability/CVE-2022-20738,Cisco Umbrella Secure Web Gateway File Inspection Bypass Vulnerability,"A vulnerability in the Cisco Umbrella Secure Web Gateway service could allow an unauthenticated, remote attacker to bypass the file inspection feature. This vulnerability is due to insufficient restrictions in the file inspection feature. An attacker could exploit this vulnerability by downloading a crafted payload through specific methods. A successful exploit could allow the attacker to bypass file inspection protections and download a malicious payload.",Cisco,Cisco Umbrella Insights Virtual Appliance,5.8,MEDIUM,0.003160000080242753,false,,false,false,true,2024-08-03T03:15:39.000Z,,false,false,,2022-02-10T18:15:00.000Z,0
CVE-2021-40126,https://securityvulnerability.io/vulnerability/CVE-2021-40126,Cisco Umbrella Email Enumeration Vulnerability,"A vulnerability in the web-based dashboard of Cisco Umbrella could allow an authenticated, remote attacker to perform an email enumeration attack against the Umbrella infrastructure. This vulnerability is due to an overly descriptive error message on the dashboard that appears when a user attempts to modify their email address when the new address already exists in the system. An attacker could exploit this vulnerability by attempting to modify the user's email address. A successful exploit could allow the attacker to enumerate email addresses of users in the system.",Cisco,Cisco Umbrella Insights Virtual Appliance,4.3,MEDIUM,0.0007300000288523734,false,,false,false,true,2024-08-04T03:16:55.000Z,,false,false,,2021-11-04T16:15:00.000Z,0
CVE-2021-1474,https://securityvulnerability.io/vulnerability/CVE-2021-1474,Cisco Umbrella Link and CSV Formula Injection Vulnerabilities,"Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Umbrella Insights Virtual Appliance,6.5,MEDIUM,0.0008699999889358878,false,,false,false,true,2024-08-03T17:15:57.000Z,,false,false,,2021-04-08T04:15:00.000Z,0
CVE-2021-1475,https://securityvulnerability.io/vulnerability/CVE-2021-1475,Cisco Umbrella Link and CSV Formula Injection Vulnerabilities,"Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Umbrella Insights Virtual Appliance,6.5,MEDIUM,0.0007099999929778278,false,,false,false,true,2024-08-03T17:15:57.000Z,,false,false,,2021-04-08T04:15:00.000Z,0
CVE-2021-1350,https://securityvulnerability.io/vulnerability/CVE-2021-1350,Cisco Umbrella Dashboard Packet Flood Vulnerability,"A vulnerability in the web UI of Cisco Umbrella could allow an unauthenticated, remote attacker to negatively affect the performance of this service. The vulnerability exists due to insufficient rate limiting controls in the web UI. An attacker could exploit this vulnerability by sending crafted HTTPS packets at a high and sustained rate. A successful exploit could allow the attacker to negatively affect the performance of the web UI. Cisco has addressed this vulnerability.",Cisco,Cisco Umbrella Insights Virtual Appliance,5.3,MEDIUM,0.0009899999713525176,false,,false,false,true,2024-08-03T17:15:51.000Z,,false,false,,2021-01-20T00:00:00.000Z,0
CVE-2017-12350,https://securityvulnerability.io/vulnerability/CVE-2017-12350,,"A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affected virtual appliance. A successful exploit could allow the attacker to log in to the affected appliance with root privileges. Cisco Bug IDs: CSCvg31220.",Cisco,Cisco Umbrella Insights Virtual Appliance,8.2,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-11-16T07:00:00.000Z,0