4 matches found
CVE-2013-1171
Cisco CG-NMS contains multiple XSS vulnerabilities in the element-list component that could allow an unauthenticated, remote attacker to inject arbitrary web script or HTML via unspecified vectors. The issue is documented under Cisco Security Advisory Cisco-SA-20130401-CVE-2013-1171 and reference...
CVE-2017-6780
CVE-2017-6780 describes a memory-exhaustion DoS in Cisco IoT Field Network Director (IoT-FND) due to insufficient rate-limiting in the TCP throttling path. An unauthenticated, remote attacker can send high-rate TCP traffic to a set of open ports, causing the device to consume memory and eventuall...
CVE-2015-6362
CVE-2015-6362 affects Cisco Connected Grid Network Management System (CG-NMS) web GUI in versions 3.0(0.35) and 3.0(0.54). The issue arises from insufficient authorization controls, allowing remote authenticated users in the Monitor-Only role to bypass restrictions and modify configuration. The r...
CVE-2013-1163
CVE-2013-1163 records multiple SQL injection vulnerabilities in the Cisco Connected Grid Network Management System (CG-NMS) device-management implementation. The issues allow remote attackers to execute arbitrary SQL commands via unspecified vectors. This is tied to Bug IDs CSCue14553 and CSCue38...