CVE-2021-1143 – A vulnerability in Cisco Connected Mobile Experiences (CMX) API authorizations could allow …

13 January 2021

Vuln ID: CVE-2021-1143

Published: 2021-01-13 22:15:14Z

Description: A vulnerability in Cisco Connected Mobile Experiences (CMX) API authorizations could allow an authenticated, remote attacker to enumerate what users exist on the system. The vulnerability is due to a lack of authorization checks for certain API GET requests. An attacker could exploit this vulnerability by sending specific API GET requests to an affected device. A successful exploit could allow the attacker to enumerate users of the CMX system.

Source: NVD.NIST.GOV

Date:

13 January 2021

Categorie(s):

NVD

Tag(s):

NVD

Communication is Key – Leveraging Business Frameworks to Develop a Detection and Response Strategy 23 April 2024
Russian group exploits Windows print spooler bug via ‘GooseEgg’ malware23 April 2024
UnitedHealth admits IT security breach could ‘cover substantial proportion of people in America’23 April 2024
New Bitsight, Moody’s service seeks to bolster cyber risk management23 April 2024
Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)23 April 2024