Lucene search
K
CiscoCiscoworks Common Services

12 matches found

CVE
CVE
added 2005/05/31 4:0 a.m.137 views

CVE-2005-0356

CVE-2005-0356 affects F5 BIG-IP BIG-IP LTM 9.0.0–9.0.5; other listed BIG-IP lines are not affected (e.g., 9.1.x, 9.2.x, 9.3.x, 9.4.x, 9.6.x are Not Affected). The issue is described as inadequate validation for TCP segments with PAWS/timestamps, enabling a remote attacker to cause a denial of ser...

5CVSS6.2AI score0.83284EPSS
CVE
CVE
added 2004/03/18 5:0 a.m.134 views

CVE-2004-0079

The connected documents confirm CVE-2004-0079: in OpenSSL 0.9.6c–0.9.6k and 0.9.7a–0.9.7c, a crafted SSL/TLS handshake can trigger a null dereference in do_change_cipher_spec, causing a denial of service (crash). Remediation is to apply patched/OpenSSL releases per advisories (e.g., CentOS adviso...

7.5CVSS7.1AI score0.09537EPSS
CVE
CVE
added 2011/05/20 10:0 p.m.125 views

CVE-2011-0961

CVE-2011-0961 is a Cross-site scripting (XSS) vulnerability affecting Cisco Unified Operations Manager and CiscoWorks Common Services Framework Help Servlet. The issue resides in the cwhp/device.center.do API (Help servlet) where an attacker can inject arbitrary script via the device parameter (B...

4.3CVSS5.6AI score0.05154EPSS
Web
CVE
CVE
added 2004/03/18 5:0 a.m.121 views

CVE-2004-0081

CVE-2004-0081 affects OpenSSL 0.9.6 prior to 0.9.6d. The issue is that OpenSSL does not properly handle unknown TLS/SSL message types, enabling a remote attacker to trigger a denial of service via an infinite loop (demonstrated with the Codenomicon TLS Test Tool). Impact is a network-based DoS; e...

5CVSS7.2AI score0.07229EPSS
CVE
CVE
added 2004/03/18 5:0 a.m.111 views

CVE-2004-0112

The CVE-2004-0112 issue affects OpenSSL 0.9.7a/b/c: during the SSL/TLS handshake, the Kerberos ciphersuite path fails to validate the Kerberos ticket length, enabling a remote attacker to cause a denial-of-service by triggering an out-of-bounds read. Public sources in connected documents confirm ...

5CVSS7.2AI score0.10424EPSS
CVE
CVE
added 2011/05/20 10:0 p.m.82 views

CVE-2011-0966

CVE-2011-0966 is a directory traversal vulnerability in Cisco Unified Operations Manager/CuOM related to the cwhp/auditLog.do endpoint of the Homepage Auditing component (Cisco Works Common Services 3.3 and earlier). An attacker can read arbitrary files by supplying a crafted file parameter (.. p...

6.8CVSS6.6AI score0.41348EPSS
Web
CVE
CVE
added 2012/05/03 10:0 a.m.69 views

CVE-2011-4237

The CVE-2011-4237 issue is a CRLF injection/HTTP response-splitting vulnerability in CiscoWorks Common Services 4.0 used with Cisco Prime LAN Management Solution and related products. Root cause: improper sanitization of user input in Autologin.jsp, enabling an unauthenticated remote attacker to ...

4.3CVSS7.2AI score0.01168EPSS
CVE
CVE
added 2009/05/21 2:0 p.m.65 views

CVE-2009-1161

CVE-2009-1161 describes a directory traversal vulnerability in CiscoWorks Common Services (CWCS) 3.0.x–3.2.x on Windows when the TFTP service is enabled. An unauthenticated remote attacker could access arbitrary files via CWCS TFTP, affecting multiple Cisco products that rely on CWCS (e.g., Unifi...

10CVSS6.8AI score0.12546EPSS
CVE
CVE
added 2011/10/20 12:0 a.m.58 views

CVE-2011-3310

CVE-2011-3310 affects CiscoWorks Common Services for Microsoft Windows (pre-4.1). The Home Page component allows an authenticated remote attacker to execute arbitrary commands via a crafted URL, with system administrator privileges on the affected host. The vulnerability impacts multiple CiscoWor...

9CVSS7.2AI score0.15163EPSS
CVE
CVE
added 2011/10/22 1:0 a.m.48 views

CVE-2011-2042

The CVE-2011-2042 entry affects CiscoWorks Common Services 3.x and 4.x (before 4.1) in the Sybase SQL Anywhere database component. Affected component exposes potentially sensitive information (engine name and database port) via an unspecified request to UDP port 2638. Root cause/technical specifi...

5CVSS7AI score0.01076EPSS
CVE
CVE
added 2010/10/29 6:0 p.m.47 views

CVE-2010-3036

CiscoWorks Common Services web server module contains multiple buffer overflows in the Cisco-developed authentication code, enabling remote, unauthenticated code execution with system administrator privileges via sessions on TCP ports 443 or 1741. Affected: CiscoWorks Common Services prior to ver...

10CVSS8.1AI score0.05992EPSS
CVE
CVE
added 2008/05/29 4:0 p.m.45 views

CVE-2008-2054

CVE-2008-2054 affects CiscoWorks Common Services versions 3.0.3 through 3.1.1. The Cisco advisory and accompanying sources describe a remote arbitrary-code execution vulnerability exploitable by an attacker from the network, leading to code execution on the user’s client machine. Cisco’s document...

9.3CVSS7.5AI score0.03909EPSS