CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2018/06/21 12:0 a.m.•2 views

PT-2018-8792 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center affected versions not specified Description: A vulnerability in the web-based management interface could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perfo...

8.8CVSS7.4AI score0.00192EPSS

NVD•added 2018/04/19 8:29 p.m.•12 views

CVE-2018-0251

A vulnerability in the Web Server Authentication Required screen of the Clientless Secure Sockets Layer SSL VPN portal of Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of that portal on an...

6.1CVSS6.1AI score0.0028EPSS

Prion•added 2018/04/19 8:29 p.m.•12 views

Cross site scripting

4.3CVSS6AI score0.0028EPSS

Cisco•added 2018/04/18 4:0 p.m.•63 views

Cisco Adaptive Security Appliance Clientless SSL VPN Cross-Site Scripting Vulnerability

6.1CVSS6AI score0.0028EPSS

NVD•added 2018/03/28 10:29 p.m.•12 views

CVE-2018-0186

Multiple vulnerabilities in the web-based user interface web UI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web UI of the affected software. The vulnerabilities are due to insufficient input validation...

6.1CVSS6.3AI score0.00298EPSS

Exploits0References2

Prion•added 2018/03/28 10:29 p.m.•14 views

Cross site scripting

4.3CVSS6.1AI score0.00298EPSS

Exploits0References2Affected Software1

OpenVAS•added 2018/03/14 12:0 a.m.•20 views

dialup_admin Detection

Detection of dialupadmin interface for the freeradius radius server. The script sends a connection request to the server and attempts to detect dialupadmin web based administration interface for the freeradius radius server. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might b...

7AI score

CNVD•added 2018/03/09 12:0 a.m.•2 views

Cisco Security Manager Cross-Site Scripting Vulnerability

Cisco Security Manager CSM is a suite of enterprise-level management applications from Cisco that are used to configure firewall, VPN, and intrusion protection security services on Cisco network and security devices. A cross-site scripting vulnerability exists in the DesktopServlet of the Web-bas...

6.1CVSS6.6AI score0.0017EPSS

ATTACKERKB•added 2018/03/08 7:29 a.m.•2 views

CVE-2018-0144

A vulnerability in the web-based management interface of Cisco Prime Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

6.1CVSS5.8AI score0.00332EPSS

Exploits0References4

Prion•added 2018/03/08 7:29 a.m.•19 views

Xxe

A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system. The vulnerability is due to improper handling of XML External Entities...

4.3CVSS4AI score0.00462EPSS

Cvelist•added 2018/03/08 7:0 a.m.•15 views

CVE-2018-0215

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...

6.6AI score0.00146EPSS

Cisco•added 2018/03/07 4:0 p.m.•29 views

Cisco UCS Director Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Computing System UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

6.1CVSS1.5AI score0.00332EPSS

Cisco•added 2018/03/07 4:0 p.m.•64 views

Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability

6.3CVSS2.6AI score0.00146EPSS

NVD•added 2018/02/22 12:29 a.m.•14 views

CVE-2018-0200

A vulnerability in the web-based interface of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based interface of an affected product. The vulnerability is due to insufficient validation of...

6.1CVSS6AI score0.0017EPSS

Prion•added 2018/02/22 12:29 a.m.•14 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due...

4.3CVSS6AI score0.00451EPSS

Prion•added 2018/02/22 12:29 a.m.•10 views

Cross site scripting

4.3CVSS6AI score0.0017EPSS

Vulnrichment•added 2018/02/22 12:0 a.m.•6 views

CVE-2018-0200

6AI score0.0017EPSS

CVE•added 2018/02/22 12:0 a.m.•55 views

CVE-2018-0200

CVE-2018-0200 affects Cisco Prime Service Catalog (PSC) web-based interface. The issue is a reflected cross-site scripting (XSS) vulnerability caused by insufficient validation of user-supplied input, exploitable by persuading an unauthenticated, remote user to click a crafted link. Successful ex...

6.1CVSS5.9AI score0.0017EPSS

Vulnrichment•added 2018/01/11 9:0 a.m.•6 views

CVE-2018-0118

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

6AI score0.00451EPSS