CVE-2016-5650 (zp-ibh-13w, zp-ne-14-s)
ZModo ZP-NE14-S and ZP-IBH-13W devices do not enforce a WPA2 configuration setting, which allows remote attackers to trigger association with an arbitrary access point by using a recognized SSID value.
[월:] 2016년 08월
CVE-2016-5650
CVE-2016-5650
ZModo ZP-NE14-S and ZP-IBH-13W devices do not enforce a WPA2 configuration setting, which allows remote attackers to trigger association with an arbitrary access point by using a recognized SSID value.
Source: CVE-2016-5650
CVE-2016-5645 (1766-l32awa, 1766-l32awaa, 1766-l32bwa, 1766-l32bwaa, 1766-l32bxb, 1766-l32bxba)
CVE-2016-5645 (1766-l32awa, 1766-l32awaa, 1766-l32bwa, 1766-l32bwaa, 1766-l32bxb, 1766-l32bxba)
Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this community.
Source: CVE-2016-5645 (1766-l32awa, 1766-l32awaa, 1766-l32bwa, 1766-l32bwaa, 1766-l32bxb, 1766-l32bxba)
CVE-2016-5645
CVE-2016-5645
Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this community.
Source: CVE-2016-5645
CVE-2016-5081 (zp-ibh-13w, zp-ne-14-s)
CVE-2016-5081 (zp-ibh-13w, zp-ne-14-s)
ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote attackers to obtain access via a TELNET session.
CVE-2016-5081
CVE-2016-5081
ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote attackers to obtain access via a TELNET session.
Source: CVE-2016-5081
CVE-2016-6365 (firepower_management_center)
CVE-2016-6365 (firepower_management_center)
Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518.
CVE-2016-6365
CVE-2016-6365
Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518.
Source: CVE-2016-6365
CVE-2016-6355 (ios_xr)
CVE-2016-6355 (ios_xr)
Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5.2.5, and 5.3.x through 5.3.2 on ASR 9001 devices allows remote attackers to cause a denial of service (control-plane protocol outage) via crafted fragmented packets, aka Bug ID CSCux26791.
Source: CVE-2016-6355 (ios_xr)
CVE-2016-6364 (unified_communications_manager)
CVE-2016-6364 (unified_communications_manager)
The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified API calls, aka Bug ID CSCux67855.