Lucene search
+L

76 matches found

cnvd
cnvd
added 2022/05/23 12:0 a.m.22 views

Cisco Common Services Platform Collector Cross-Site Scripting Vulnerability (CNVD-2022-64193)

Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...

6.1CVSS2.5AI score0.00685EPSS
Exploits0References1
cnvd
cnvd
added 2022/05/23 12:0 a.m.49 views

Cisco Common Services Platform Collector Cross-Site Scripting Vulnerability (CNVD-2022-64197)

Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...

6.1CVSS2.4AI score0.00685EPSS
Exploits0References1
cisco
cisco
added 2022/05/18 4:0 p.m.68 views

Cisco Common Services Platform Collector Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector CSPC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient...

6.1CVSS6.1AI score0.00685EPSS
Exploits0References1
attackerkb
attackerkb
added 2022/05/18 4:0 p.m.5 views

CVE-2022-20672

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector CSPC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient...

6.1CVSS6.6AI score0.00685EPSS
Exploits0References2
nvd
nvd
added 2021/11/19 12:15 a.m.21 views

CVE-2021-40131

A vulnerability in the web-based management interface of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...

5.5CVSS0.00699EPSS
Exploits0References1
nvd
nvd
added 2021/11/19 12:15 a.m.35 views

CVE-2021-40129

A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to submit a SQL query through the CSPC configuration dashboard. This vulnerability is due to insufficient input validation of uploaded files. An attacker...

4.9CVSS0.01033EPSS
Exploits0References1
prion
prion
added 2021/11/19 12:15 a.m.16 views

Design/Logic Flaw

A vulnerability in the web application of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit...

4CVSS5AI score0.01065EPSS
Exploits0References1Affected Software1
prion
prion
added 2021/11/19 12:15 a.m.16 views

Input validation

A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to submit a SQL query through the CSPC configuration dashboard. This vulnerability is due to insufficient input validation of uploaded files. An attacker...

4CVSS5.1AI score0.01033EPSS
Exploits0References1Affected Software1
cnvd
cnvd
added 2021/11/19 12:0 a.m.44 views

Cisco Common Services Platform Collector Cross-Site Scripting Vulnerability

Cisco Common Services Platform Collector CSPC is an SNMP-based tool that discovers and collects information from Cisco devices installed on the network. management interface contains a stored cross-site scripting vulnerability that can be exploited by attackers using the Web management interface ...

5.5CVSS4AI score0.00699EPSS
Exploits0References1
cnvd
cnvd
added 2021/11/19 12:0 a.m.38 views

Cisco Common Services Platform Collector improper logging restrictions vulnerability

Cisco Common Services Platform Collector CSPC is an SNMP-based tool that discovers and collects information from Cisco devices installed on the network. versions of Cisco Common Services Platform Collector prior to 2.9.1.1 of the Web application contains an improper logging restriction...

4.9CVSS3AI score0.01065EPSS
Exploits0References1
cnvd
cnvd
added 2021/11/19 12:0 a.m.48 views

Cisco Common Services Platform Collector SQL Injection Vulnerability

Cisco Common Services Platform Collector CSPC is an SNMP-based tool that discovers and collects information from Cisco devices installed on the network. configuration of Cisco Common Services Platform Collector prior to version 2.9.1.1 The dashboard is vulnerable to SQL injection, which can be...

4.9CVSS3.1AI score0.01033EPSS
Exploits0References1
cve
cve
added 2021/11/18 11:50 p.m.62 views

CVE-2021-40131

CVE-2021-40131 concerns the Cisco Common Services Platform Collector (CSPC) web-based management interface. The issue is a stored cross-site scripting vulnerability caused by insufficient validation of user-supplied input processed by the CSPC web UI. An authenticated, remote attacker could injec...

5.5CVSS5.3AI score0.00699EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2021/11/18 11:50 p.m.9 views

CVE-2021-40131 Cisco Common Services Platform Collector Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...

5.5CVSS6.2AI score0.00699EPSS
Exploits0References1
cvelist
cvelist
added 2021/11/18 11:50 p.m.25 views

CVE-2021-40130 Cisco Common Services Platform Collector Improper Logging Restriction Vulnerability

A vulnerability in the web application of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit...

4.9CVSS5.4AI score0.01065EPSS
Exploits0References1
cve
cve
added 2021/11/18 11:50 p.m.54 views

CVE-2021-40130

CVE-2021-40130 affects Cisco Common Services Platform Collector (CSPC) via the web application. The vulnerability arises from improper restriction of the syslog configuration, allowing an authenticated, remote attacker to configure non-log files as sources for syslog reporting. This could let the...

4.9CVSS5AI score0.01065EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2021/11/18 11:50 p.m.9 views

CVE-2021-40129 Cisco Common Services Platform Collector SQL Injection Vulnerability

A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to submit a SQL query through the CSPC configuration dashboard. This vulnerability is due to insufficient input validation of uploaded files. An attacker...

4.9CVSS6.9AI score0.01033EPSS
Exploits0References1
cve
cve
added 2021/11/18 11:50 p.m.68 views

CVE-2021-40129

The CVE-2021-40129 vulnerability affects Cisco’s Common Services Platform Collector (CSPC). The issue is a SQL injection in the configuration dashboard caused by insufficient input validation of uploaded files, allowing an authenticated, remote attacker to upload a file containing a SQL query and...

4.9CVSS5AI score0.01033EPSS
Exploits0References1Affected Software1
cisco
cisco
added 2021/11/17 4:0 p.m.35 views

Cisco Common Services Platform Collector Improper Logging Restriction Vulnerability

A vulnerability in the web application of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit...

4.9CVSS5AI score0.01065EPSS
Exploits0References1
cisco
cisco
added 2021/11/17 4:0 p.m.50 views

Cisco Common Services Platform Collector SQL Injection Vulnerability

A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to submit a SQL query through the CSPC configuration dashboard. This vulnerability is due to insufficient input validation of uploaded files. An attacker...

4.9CVSS5.1AI score0.01033EPSS
Exploits0References1
nvd
nvd
added 2021/11/04 4:15 p.m.21 views

CVE-2021-34774

A vulnerability in the web-based management interface of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to access sensitive data on an affected system. This vulnerability exists because the application does not sufficiently protect sensitive data when...

4.9CVSS0.00964EPSS
Exploits0References1
Rows per page
Query Builder