Cisco Modeling Labs
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Cisco Modeling Labs.
Recent Cisco Modeling Labs Security Advisories
| Advisory | Title | Published |
|---|---|---|
| 2023-04-19 | Cisco Modeling Labs External Authentication Bypass Vulnerability | April 19, 2023 |
| 2021-05-19 | Cisco Modeling Labs Web UI Command Injection Vulnerability | May 19, 2021 |
By the Year
In 2026 there have been 0 vulnerabilities in Cisco Modeling Labs. Modeling Labs did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 8.10 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 8.80 |
It may take a day or so for new Modeling Labs vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Cisco Modeling Labs Security Vulnerabilities
Cisco Modeling Labs Auth Bypass: Admin Privilege Escalation via External Auth
CVE-2023-20154
8.1 - High
- November 15, 2024
A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an unauthenticated, remote attacker to access the web interface with administrative privileges. This vulnerability is due to the improper handling of certain messages that are returned by the associated external authentication server. An attacker could exploit this vulnerability by logging in to the web interface of an affected server. Under certain conditions, the authentication mechanism would be bypassed and the attacker would be logged in as an administrator. A successful exploit could allow the attacker to obtain administrative privileges on the web interface of an affected server, including the ability to access and modify every simulation and all user-created data. To exploit this vulnerability, the attacker would need valid user credentials that are stored on the associated external authentication server. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
Authentication Bypass by Primary Weakness
A vulnerability in the web UI of Cisco Modeling Labs could
CVE-2021-1531
8.8 - High
- May 22, 2021
A vulnerability in the web UI of Cisco Modeling Labs could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the web application on the underlying operating system of an affected Cisco Modeling Labs server. This vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected server. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the web application, virl2, on the underlying operating system of the affected server. To exploit this vulnerability, the attacker must have valid user credentials on the web UI.
Argument Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Cisco Modeling Labs or by Cisco? Click the Watch button to subscribe.
