cbcvebase.

Cisco Secure Network Analytics vulnerabilities

8 known vulnerabilities affecting cisco/secure_network_analytics.

Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH4MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2023-20102P2HIGHCVSS 8.8≤ 7.4.12023-04-05
CVE-2023-20102 [HIGH] CWE-502 CVE-2023-20102: A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into system memory. An attacker could exploit this vulnerability b
nvd
CVE-2022-20797P3CRITICALCVSS 9.1fixed in 7.4.12022-05-27
CVE-2022-20797 [CRITICAL] CWE-20 CVE-2022-20797: A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Ci A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. This vulnerability is due to insufficient user input validation by the web-based manageme
nvd
CVE-2025-20256P3HIGHCVSS 7.2v7.4.1v7.4.2+3 more2025-05-21
CVE-2025-20256 [HIGH] CWE-74 CVE-2025-20256: A vulnerability in the web-based management interface of Cisco Secure Network Analytics Manager and A vulnerability in the web-based management interface of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating system. This vulnerability is due to insufficient input v
nvd
CVE-2025-20178P3HIGHCVSS 7.2v7.5.0v7.5.1+1 more2025-04-16
CVE-2025-20178 [HIGH] CWE-347 CVE-2025-20178: A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating system. This vulnerability is due to insufficient integrity checks within device backup files. An attacker with va
nvd
CVE-2023-20103P3HIGHCVSS 7.2fixed in 7.4.22023-04-05
CVE-2023-20103 [HIGH] CWE-20 CVE-2023-20103: A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote attacker to e A vulnerability in Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code as a root user on an affected device. This vulnerability is due to insufficient validation of user input to the web interface. An attacker could exploit this vulnerability by uploading a crafted file to an affected device. A success
nvd
CVE-2025-20257P3MEDIUMCVSS 6.5v7.5.22025-05-21
CVE-2025-20257 [MEDIUM] CWE-863 CVE-2025-20257: A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure Netwo A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with low privileges to generate fraudulent findings that are used to generate alarms and alerts on an affected product. Thi vulnerability is due to insufficient authorization
nvd
CVE-2022-20663P4MEDIUMCVSS 6.1fixed in 7.2.12024-11-15
CVE-2022-20663 [MEDIUM] CWE-79 CVE-2022-20663: A vulnerability in the web-based management interface of Cisco Secure Network Analytics, former A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based managemen
nvd
CVE-2022-20741P4MEDIUMCVSS 5.4fixed in 2.1.12022-04-06
CVE-2022-20741 [MEDIUM] CWE-79 CVE-2022-20741: A vulnerability in the web-based management interface of the Network Diagrams application for Cisco A vulnerability in the web-based management interface of the Network Diagrams application for Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-suppli
nvd
Cisco Secure Network Analytics vulnerabilities | cvebase