CVE-2021-1144 – A vulnerability in Cisco Connected Mobile Experiences (CMX) could allow a remote, authenti …

13 January 2021

Vuln ID: CVE-2021-1144

Published: 2021-01-13 22:15:14Z

Description: A vulnerability in Cisco Connected Mobile Experiences (CMX) could allow a remote, authenticated attacker without administrative privileges to alter the password of any user on an affected system. The vulnerability is due to incorrect handling of authorization checks for changing a password. An authenticated attacker without administrative privileges could exploit this vulnerability by sending a modified HTTP request to an affected device. A successful exploit could allow the attacker to alter the passwords of any user on the system, including an administrative user, and then impersonate that user.

Source: NVD.NIST.GOV

Date:

13 January 2021

Categorie(s):

NVD

Tag(s):

NVD

TikTok, Flowmon, Cisco, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland – SWN #38126 April 2024
Impact of organizational structure on ransomware outcomes: Where does your org fit in?26 April 2024
Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets26 April 2024
Kaiser Permanente handed over 13.4M people’s data to Microsoft, Google, others26 April 2024
Hackers make millions of attempts to exploit WordPress plugin vulnerability26 April 2024