Lucene search
K

50 matches found

OSV
OSV
added 2017/02/22 2:59 a.m.9 views

CVE-2017-3847

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface. More Information: CSCvc72741. Known Affected Releases: 6.2.1...

5.4CVSS5.7AI score0.00615EPSS
Exploits0References2
OSV
OSV
added 2017/02/03 7:59 a.m.4 views

CVE-2017-3810

A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. More Information: CSCvb21745. Known Affected Releases: 10.0R2tanggula...

5.4CVSS5.8AI score0.01131EPSS
Exploits0References3
CNVD
CNVD
added 2016/09/21 12:0 a.m.6 views

Cisco IOS and IOS XE Cisco IOx Local Manager Cross-Site Scripting Vulnerability

Cisco IOS and IOS XE are both operating systems developed by Cisco for its network devices.Cisco IOx Local Manager is one of the local management components. A cross-site scripting vulnerability exists in the web framework in Cisco IOx Local Manager in Cisco IOS version 15.52T and IOS XE. A remot...

6.1CVSS5.7AI score0.01009EPSS
Exploits0References1
OSV
OSV
added 2016/09/18 10:59 p.m.5 views

CVE-2016-6404

Cross-site scripting XSS vulnerability in the web framework in Cisco IOx Local Manager in IOS 15.52T and IOS XE allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy19854...

6.1CVSS5.9AI score0.01009EPSS
Exploits0References3
CNVD
CNVD
added 2015/12/18 12:0 a.m.4 views

Cisco Emergency Responder Web Framework Arbitrary File Upload Vulnerability

Cisco Emergency Responder's real-time location-address tracking database and enhanced routing capabilities can transfer emergency calls directly to the appropriate Public Safety Answering Point PASP based on the caller's location. Cisco Emergency Responder 10.5 3.10000.9 fails to validate...

4CVSS7.2AI score0.0162EPSS
Exploits0References1
CNVD
CNVD
added 2015/12/18 12:0 a.m.2 views

Cisco Emergency Responder Cross-Site Scripting Vulnerability (CNVD-2015-08365)

Cisco Emergency Responder's real-time location-address tracking database and enhanced routing capabilities can transfer emergency calls directly to the appropriate Public Safety Answering Point PASP based on the caller's location. A security vulnerability exists in the Web framework of Cisco...

4.3CVSS6.3AI score0.0095EPSS
Exploits0References1
CNVD
CNVD
added 2015/09/22 12:0 a.m.4 views

Cisco Prime Collaboration Provisioning Access Control Bypass Vulnerability

Cisco Prime Collaboration Provisioning is the United States of America Cisco Cisco a set of Web-based next-generation communications services solutions. A security vulnerability exists in the Web framework of Cisco Prime Collaboration Assurance. A remote attacker could exploit the vulnerability b...

9CVSS6.9AI score0.02644EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/06/29 12:0 a.m.10 views

The vulnerability of the microprogramming software of the Cisco TelePresence Supervisor MSE 8050 allows a intruder to execute arbitrary code with privileges of the root user.

The vulnerability of the web-based framework of the microprogramming software for the Cisco TelePresence Supervisor MSE 8050 relates to deficiencies in access control for files. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code with...

9CVSS6AI score0.02891EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/06/29 12:0 a.m.6 views

The vulnerability of the microprogramming software of the Cisco TelePresence Server allows a intruder to execute arbitrary code with privileges of the root user.

The vulnerability of the web-based framework of the microprogramming software for Cisco TelePresence Server lies in the lack of access control for files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with privileges of a root user...

9CVSS6AI score0.02891EPSS
Exploits0References2
Prion
Prion
added 2013/06/26 9:55 p.m.10 views

Command injection

The web framework in Cisco Prime Central for Hosted Collaboration Solution HCS Assurance provides different responses to requests for arbitrary pathnames depending on whether the pathname exists, which allows remote attackers to enumerate directories and files via a series of crafted requests, ak...

5CVSS7.3AI score0.01186EPSS
Exploits0References1
Rows per page
Query Builder