6 matches found
CVE-2013-1125
Summary: CVE-2013-1125 affects Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, an...
CVE-2013-1196
The CVE-2013-1196 entry involves multiple Cisco products (ACS, Identity Services Engine, ANM, LMS, Prime NSM/DCNM, Quad, etc.) where the command-line interface does not properly validate input, allowing local users to obtain root privileges via unspecified vectors. Connected documents corroborate...
CVE-2014-0651
Cisco Context Directory Agent (CDA) is affected by CVE-2014-0651 due to insufficient authorization enforcement in the administrative interface. An authenticated, remote attacker can hijack an active session to perform administrative actions, effectively gaining privileges. The advisory notes expl...
CVE-2014-0652
Cisco Context Directory Agent (CDA) is affected by CVE-2014-0652 in the Mappings page. The vulnerability arises from insufficient validation of user-supplied input in the Mappings page, allowing an unauthenticated, remote attacker to craft a URL that injects arbitrary script/HTML (XSS) when a use...
CVE-2014-0654
The Cisco Context Directory Agent (CDA) is affected by CVE-2014-0654 due to insufficient validation of RADIUS accounting messages. A remote, unauthenticated attacker can replay crafted messages to modify the CDA cache. The vulnerability could affect the contents of the CDA cache; Cisco notes that...
CVE-2014-0656
Cisco Context Directory Agent (CDA) contains a vulnerability where an authenticated remote attacker can hide values entered in affected input fields due to insufficient input validation. This can cause the UI to omit user-entered data. Exploitation requires authentication to a targeted device. Ci...