Search Results (594 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-3510 1 Cisco 51 Catalyst C9200-24p, Catalyst C9200-24t, Catalyst C9200-48p and 48 more 2024-11-21 8.6 High
A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in a denial of service condition on an affected device. The vulnerability is due to insufficient error handling when parsing DNS requests. An attacker could exploit this vulnerability by sending a series of malicious DNS requests to an Umbrella Connector client interface of an affected device. A successful exploit could allow the attacker to cause a crash of the iosd process, which triggers a reload of the affected device.
CVE-2020-3509 1 Cisco 2 Cbr-8, Ios Xe 2024-11-21 8.6 High
A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient error handling when DHCP version 4 (DHCPv4) messages are parsed. An attacker could exploit this vulnerability by sending a malicious DHCPv4 message to or through a WAN interface of an affected device. A successful exploit could allow the attacker to cause a reload of the affected device. Note: On Cisco cBR-8 Converged Broadband Routers, all of the following are considered WAN interfaces: 10 Gbps Ethernet interfaces 100 Gbps Ethernet interfaces Port channel interfaces that include multiple 10 and/or 100 Gbps Ethernet interfaces
CVE-2020-35591 1 Pi-hole 1 Pi-hole 2024-11-21 5.4 Medium
Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application does not generate a new session cookie after the user is logged in. A malicious user is able to create a new session cookie value and inject it to a victim. After the victim logs in, the injected cookie becomes valid, giving the attacker access to the user's account through the active session.
CVE-2020-35229 1 Netgear 4 Gs116e, Gs116e Firmware, Jgs516pe and 1 more 2024-11-21 8.8 High
The authentication token required to execute NSDP write requests on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices is not properly invalidated and can be reused until a new token is generated, which allows attackers (with access to network traffic) to effectively gain administrative privileges.
CVE-2020-35166 2 Dell, Oracle 6 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite, Database and 3 more 2024-11-21 5.1 Medium
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.
CVE-2020-35164 2 Dell, Oracle 6 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite, Database and 3 more 2024-11-21 6.7 Medium
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.
CVE-2020-2102 2 Jenkins, Redhat 2 Jenkins, Openshift 2024-11-21 5.3 Medium
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.
CVE-2020-2101 2 Jenkins, Redhat 2 Jenkins, Openshift 2024-11-21 5.3 Medium
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.
CVE-2020-29506 2 Dell, Oracle 6 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite, Database and 3 more 2024-11-21 6.8 Medium
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.
CVE-2020-28368 3 Debian, Fedoraproject, Xen 3 Debian Linux, Fedora, Xen 2024-11-21 4.4 Medium
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen.
CVE-2020-25659 3 Cryptography.io, Oracle, Redhat 5 Cryptography, Communications Cloud Native Core Network Function Cloud Native Environment, Enterprise Linux and 2 more 2024-11-21 5.9 Medium
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.
CVE-2020-25658 3 Fedoraproject, Python-rsa Project, Redhat 5 Fedora, Python-rsa, Ceph Storage and 2 more 2024-11-21 7.5 High
It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
CVE-2020-25657 3 Fedoraproject, M2crypto Project, Redhat 5 Fedora, M2crypto, Enterprise Linux and 2 more 2024-11-21 5.9 Medium
A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.
CVE-2020-25198 1 Moxa 2 Nport Iaw5000a-i\/o, Nport Iaw5000a-i\/o Firmware 2024-11-21 8.8 High
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has incorrectly implemented protections from session fixation, which may allow an attacker to gain access to a session and hijack it by stealing the user’s cookies.
CVE-2020-1993 1 Paloaltonetworks 1 Pan-os 2024-11-21 3.7 Low
The GlobalProtect Portal feature in PAN-OS does not set a new session identifier after a successful user login, which allows session fixation attacks, if an attacker is able to control a user's session ID. This issue affects: All PAN-OS 7.1 and 8.0 versions; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.8.
CVE-2020-1762 2 Kiali, Redhat 3 Kiali, Openshift Service Mesh, Service Mesh 2024-11-21 7 High
An insufficient JWT validation vulnerability was found in Kiali versions 0.4.0 to 1.15.0 and was fixed in Kiali version 1.15.1, wherein a remote attacker could abuse this flaw by stealing a valid JWT cookie and using that to spoof a user session, possibly gaining privileges to view and alter the Istio configuration.
CVE-2020-15909 1 Solarwinds 1 N-central 2024-11-21 8.8 High
SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or physical access. The N-Central JSESSIONID cookie attribute is not checked against multiple sources such as sourceip, MFA claim, etc. as long as the victim stays logged in within N-Central. To take advantage of this, cookie could be stolen and the JSESSIONID can be captured. On its own this is not a surprising result; low security tools allow the cookie to roam from machine to machine. The JSESSION cookie can then be used on the attackers’ workstation by browsing to the victim’s NCentral server URL and replacing the JSESSIONID attribute value by the captured value. Expected behavior would be to check this against a second source and enforce at least a reauthentication or multi factor request as N-Central is a highly privileged service.
CVE-2020-15018 1 Playsms 1 Playsms 2024-11-21 6.5 Medium
playSMS through 1.4.3 is vulnerable to session fixation.
CVE-2020-14341 1 Redhat 1 Single Sign-on 2024-11-21 2.7 Low
The "Test Connection" available in v7.x of the Red Hat Single Sign On application console can permit an authorized user to cause SMTP connections to be attempted to arbitrary hosts and ports of the user's choosing, and originating from the RHSSO installation. By observing differences in the timings of these scans, an attacker may glean information about hosts and ports which they do not have access to scan directly.
CVE-2020-13229 1 Sysax 1 Multi Server 2024-11-21 8.8 High
An issue was discovered in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token.