28 matches found
EUVD-2014-3377
Malware in sbrugna...
EUVD-2014-2158
Malware in sbrugna...
EUVD-2014-3378
Malware in sbrugna...
Cisco ASA-CX Content-Aware Security software and Cisco Prime Security Manager Arbitrary Password Change Vulnerability
Cisco ASA-CX Content-Aware Security software and Cisco Prime Security Manager PRSM are both products of Cisco, Inc.Cisco ASA CX Context-Aware Security Software Cisco ASA CX Context-Aware Security Software is an add-on service module that extends the ASA platform.PRSM is a multi-device management...
CVE-2016-1301
The RBAC implementation in Cisco ASA-CX Content-Aware Security software before 9.3.1.1112 and Cisco Prime Security Manager PRSM software before 9.3.1.1112 allows remote authenticated users to change arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuo94842...
CVE-2016-1301
The RBAC implementation in Cisco ASA-CX Content-Aware Security software before 9.3.1.1112 and Cisco Prime Security Manager PRSM software before 9.3.1.1112 allows remote authenticated users to change arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuo94842...
Design/Logic Flaw
The RBAC implementation in Cisco ASA-CX Content-Aware Security software before 9.3.1.1112 and Cisco Prime Security Manager PRSM software before 9.3.1.1112 allows remote authenticated users to change arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuo94842...
Cisco ASA-CX and Cisco Prime Security Manager Privilege Escalation Vulnerability
A vulnerability in the role-based access control of Cisco ASA-CX and Cisco Prime Security Manager PRSM could allow an authenticated, remote attacker to change the password of any user on the system. The vulnerability exists because the password change request is not fully qualified. An...
Cisco Prime Security Manager OpenSSL Alternative Chains Certificate Forgery (cisco-sa-20150710-openssl)
According to its self-reported version number, the version of Cisco Prime Security Manager installed on the remote host has a bundled version of OpenSSL that is affected by a certificate validation bypass vulnerability. The vulnerability exists due to a flaw in the X509verifycert function in...
Cisco Prime Security Manager Network Time Protocol Daemon (ntpd) Multiple Vulnerabilities (cisco-sa-20141222-ntpd)
According to its self-reported version number, the version of Cisco Prime Security Manager running on the remote host is prior to 9.3.3.2. It is, therefore, affected by multiple vulnerabilities in the bundled NTP libraries : - A security weakness exists due to the configauth function improperly...
CVE-2014-3365
Multiple cross-site scripting XSS vulnerabilities in Cisco Prime Security Manager PRSM 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted input to the 1 Dashboard or 2 Configure Realm page, aka Bug ID CSCuo94808...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Cisco Prime Security Manager PRSM 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted input to the 1 Dashboard or 2 Configure Realm page, aka Bug ID CSCuo94808...
CVE-2014-3365
Multiple cross-site scripting XSS vulnerabilities in Cisco Prime Security Manager PRSM 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted input to the 1 Dashboard or 2 Configure Realm page, aka Bug ID CSCuo94808...
CVE-2014-3365
CVE-2014-3365 (Cisco Prime Security Manager) affects PRSM versions up to 9.2(.1-2) and earlier. The vulnerability is a result of improper input validation in the Dashboard and Configure Realm pages, allowing an unauthenticated, remote attacker to inject and execute arbitrary web script or HTML (X...
Cisco Prime Security Manager Cross-Site Scripting Vulnerability
A vulnerability in multiple web interface pages of Cisco Prime Security Manager could allow an unauthenticated, remote attacker to execute cross-site scripting XSS attacks or hijack user sessions. The vulnerability is due to a failure to properly validate user-supplied input in the Dashboard and...
Cisco Prime Security Manager Cross-Site Scripting Vulnerability (CNVD-2015-01125)
Cisco Prime Security Manager is a tool for centralized management of the Cisco ASA 5500-X Series firewalls. A cross-site scripting vulnerability exists in Cisco Prime Security Manager due to the program failing to properly filter user-supplied input. An attacker could exploit this vulnerability t...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the web framework in Cisco Prime Security Manager aka PRSM 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via a 1 Access Policies or 2 Device Summary Dashboard parameter, aka Bug ID CSCuq80661...
CVE-2014-3364
Multiple cross-site scripting XSS vulnerabilities in the web framework in Cisco Prime Security Manager aka PRSM 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via a 1 Access Policies or 2 Device Summary Dashboard parameter, aka Bug ID CSCuq80661...
CVE-2014-3364
Multiple cross-site scripting XSS vulnerabilities in the web framework in Cisco Prime Security Manager aka PRSM 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via a 1 Access Policies or 2 Device Summary Dashboard parameter, aka Bug ID CSCuq80661...
CVE-2014-3364
Cisco Prime Security Manager (PRSM) web framework contains XSS vulnerabilities (CVE-2014-3364) in versions 9.2.1-2 and earlier. The underlying issue is insufficient input validation on parameters in the Access Policies and Device Summary Dashboard pages, enabling remote attackers to inject arbitr...