Known Vulnerabilities for Connected Mobile Experiences by Cisco

Listed below are 6 of the newest known vulnerabilities associated with "Connected Mobile Experiences" by "Cisco".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2021-1522 A vulnerability in the change password API of Cisco Connected Mobile Experiences (CMX) could allow an authenticated, remote a... 4.3 - MEDIUM 2021-08-04 2021-08-11
CVE-2021-1144 A vulnerability in Cisco Connected Mobile Experiences (CMX) could allow a remote, authenticated attacker without administrati... 8.8 - HIGH 2021-01-13 2021-01-20
CVE-2021-1143 A vulnerability in Cisco Connected Mobile Experiences (CMX) API authorizations could allow an authenticated, remote attacker ... 4.3 - MEDIUM 2021-01-13 2022-08-05
CVE-2020-3152 A vulnerability in Cisco Connected Mobile Experiences (CMX) could allow an authenticated, local attacker with administrative ... 6.7 - MEDIUM 2020-08-26 2020-09-01
CVE-2020-3151 A vulnerability in the CLI of Cisco Connected Mobile Experiences (CMX) could allow an authenticated, local attacker with admi... 6.7 - MEDIUM 2020-08-26 2020-09-01
CVE-2019-1645 A vulnerability in the Cisco Connected Mobile Experiences (CMX) software could allow an unauthenticated, adjacent attacker to... 4.3 - MEDIUM 2019-01-24 2019-10-09

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationCiscoConnected Mobile Experiences10.6.2AllAllAll
ApplicationCiscoConnected Mobile Experiences10.6.1AllAllAll
ApplicationCiscoConnected Mobile Experiences10.6.0AllAllAll

Popular searches for Connected Mobile Experiences

Cisco DNA Spaces

www.cisco.com/c/en/us/solutions/enterprise-networks/dna-spaces/index.html

Cisco DNA Spaces Get more from your Cisco wireless network with Cisco b ` ^ DNA Spaces, including location analytics with behavior metrics, engagement toolkits, and APIs

www.cisco.com/c/en/us/solutions/enterprise-networks/connected-mobile-experiences/index.html www.cisco.com/c/en/us/solutions/enterprise-networks/connected-mobile-experiences/index.html www.cisco.com/en/US/products/ps9742/index.html www.cisco.com/go/cmx www.cisco.com/en/US/netsol/ns1205/index.html www.cisco.com/en/US/products/ps9742/index.html www.cisco.com/c/es_mx/solutions/enterprise-networks/connected-mobile-experiences/index.html www.cisco.com/c/en/us/products/wireless/mobility-services-engine/index.html cmxcloud.cisco.com Cisco Systems DNA Spaces (software) Application programming interface Analytics Wireless network Application software Internet of things Wireless Location-based service Performance indicator Windows Live Spaces Enterprise software Business Digitization Behavior Use case Resilience (network) Software development kit Computer network

Cisco Security Advisory: Cisco Connected Mobile Experiences Privilege Escalation Vulnerability

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmxpe-75Asy9k

Cisco Security Advisory: Cisco Connected Mobile Experiences Privilege Escalation Vulnerability vulnerability in Cisco Connected Mobile Experiences CMX could allow a remote, authenticated attacker without administrative privileges to alter the password of any user on an affected system. The vulnerability is due to incorrect handling of authorization checks for changing a password. An authenticated attacker without administrative privileges could exploit this vulnerability by sending a modified HTTP request to an affected device. A successful exploit could allow the attacker to alter the passwords of any user on the system, including an administrative user, and then impersonate that user. Cisco CiscoSecurityAdvisory/ isco Asy9k

Cisco Systems Vulnerability (computing) Password User (computing) Security hacker Exploit (computer security) Superuser Authentication Privilege escalation Computer security Windows Metafile vulnerability Patch (computing) Mobile computing CMX Systems Hypertext Transfer Protocol Software Authorization Mobile phone Security System administrator

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].
© CVE.report 2023 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report