Application Services Engine
Monthly
Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local attacker to read sensitive information of other users on an affected device. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote attacker to update event policies on an affected device. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local attacker to read sensitive information of other users on an affected device. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote attacker to update event policies on an affected device. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.