Skip to main content

Application Services Engine

4 CVEs product

Monthly

CVE-2021-1396 MEDIUM This Month

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Application Services Engine Application Policy Infrastructure Controller
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-1393 CRITICAL Act Now

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Application Services Engine Application Policy Infrastructure Controller
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2020-3335 MEDIUM PATCH This Month

A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local attacker to read sensitive information of other users on an affected device. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Cisco Authentication Bypass Application Policy Infrastructure Controller Application Services Engine
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-3333 MEDIUM PATCH This Month

A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote attacker to update event policies on an affected device. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Cisco Authentication Bypass Application Policy Infrastructure Controller Application Services Engine
NVD
CVSS 3.1
5.3
EPSS
1.0%
EPSS 1% CVSS 6.5
MEDIUM This Month

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Application Services Engine +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Application Services Engine +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local attacker to read sensitive information of other users on an affected device. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Cisco Authentication Bypass Application Policy Infrastructure Controller +1
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote attacker to update event policies on an affected device. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Cisco Authentication Bypass Application Policy Infrastructure Controller +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy