CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service DoS condition. The vulnerability occu...

6.9AI score0.00567EPSS

Exploits0References1

CNVD•added 2015/05/20 12:0 a.m.•3 views

Cisco MediaSense Cross-Site Request Forgery Vulnerability

Cisco MediaSense provides recording, playback, live streaming, and storage media, including audio and video, to improve customer service. A cross-site request forgery vulnerability exists in Cisco MediaSense that allows remote attackers to construct malicious URIs, trick users into parsing them,...

6.8CVSS7AI score0.00107EPSS

Exploits0References1

NVD•added 2015/05/16 2:1 a.m.•9 views

CVE-2015-0736

Cross-site request forgery CSRF vulnerability in Cisco MediaSense 10.51 and earlier allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu16728...

6.8CVSS7.2AI score0.00107EPSS

Exploits0References2

Prion•added 2015/05/16 2:1 a.m.•15 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Cisco MediaSense 10.51 and earlier allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu16728...

6.8CVSS7.7AI score0.00107EPSS

Exploits0References2Affected Software1

CVE•added 2015/05/16 1:0 a.m.•43 views

CVE-2015-0736

Cisco MediaSense is affected by a Cross‑Site Request Forgery (CSRF) vulnerability in version 10.5(1) and earlier. The root cause is insufficient CSRF protections on the web interface, enabling an attacker to hijack the authentication of an authenticated user and perform actions in that user’s con...

6.8CVSS7.4AI score0.00107EPSS

Exploits0References2Affected Software1

Cvelist•added 2015/05/16 1:0 a.m.•14 views

CVE-2015-0736

Cross-site request forgery CSRF vulnerability in Cisco MediaSense 10.51 and earlier allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu16728...

7.2AI score0.00107EPSS

Exploits0References2

Cisco•added 2015/05/14 4:58 p.m.•33 views

Cisco MediaSense Cross-Site Request Forgery Vulnerability

A vulnerability in Cisco MediaSense could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack against the user of the web interface. The vulnerability is due to insufficient CSRF protections on the Cisco MediaSense web interface. An attacker could exploit...

4.3CVSS6.3AI score0.00107EPSS

Exploits0References1

Cisco•added 2014/01/22 7:6 p.m.•25 views

Cisco MediaSense Search and Play Cross-Site Scripting Vulnerability

A vulnerability in the Search and Play interface of Cisco MediaSense could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the portal on the affected system. The vulnerability is due to insufficient input validation of a parameter. An...

4.3CVSS5.6AI score0.00543EPSS

Exploits0References1

Cisco•added 2014/01/22 6:58 p.m.•23 views

Cisco MediaSense Open Redirection Vulnerability

A vulnerability in a specific URL parameter of Cisco MediaSense could allow an unauthenticated, remote attacker to perform site redirection. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including a desired remote site URL in the affect...

4.3CVSS6.5AI score0.00737EPSS

Exploits0References1

Cisco•added 2014/01/22 6:53 p.m.•19 views

Cisco MediaSense Search and Play Authorization Vulnerability

A vulnerability in the Search and Play interface of Cisco MediaSense could allow an authenticated, remote attacker to access recordings in the Search and Play interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by accessing the...

4CVSS6.3AI score0.00501EPSS

Exploits0References1

NVD•added 2014/01/22 5:22 a.m.•9 views

CVE-2014-0671

Open redirect vulnerability in Cisco MediaSense allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCum16749...

5.8CVSS6.8AI score0.00737EPSS

Exploits0References7

NVD•added 2014/01/22 5:22 a.m.•8 views

CVE-2014-0670

Cross-site scripting XSS vulnerability in the Search and Play interface in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum16686...

4.3CVSS5.8AI score0.00543EPSS

Exploits0References7

NVD•added 2014/01/22 5:22 a.m.•9 views

CVE-2014-0672

The Search and Play interface in Cisco MediaSense does not properly enforce authorization requirements, which allows remote authenticated users to download arbitrary recordings via a request to this interface...

4CVSS6.3AI score0.00501EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by