5 matches found
CVE-2013-1170
The CVE-2013-1170 issue affects Cisco Prime Network Control System (NCS) appliances running software before 1.1.1.24, where the database user account is created with a default password. This creates a risk that remote attackers could log into the system and either change configuration or cause a ...
CVE-2013-1125
Summary: CVE-2013-1125 affects Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, an...
CVE-2013-1196
The CVE-2013-1196 entry involves multiple Cisco products (ACS, Identity Services Engine, ANM, LMS, Prime NSM/DCNM, Quad, etc.) where the command-line interface does not properly validate input, allowing local users to obtain root privileges via unspecified vectors. Connected documents corroborate...
CVE-2012-5990
CVE-2012-5990 describes reflected XSS in the Health Monitor login pages of Cisco Prime NCS/WCS. Affected component: Health Monitor Login pages. Root cause: input validation error leading to reflection of HTML/script (CWE-79). Impact stated: attacker can execute arbitrary script in the user’s brow...
CVE-2015-0768
CVE-2015-0768 affects Cisco Prime Network Control System (NCS) Device Work Center (DWC) in NCS 2.1(0.0.85), 2.2(0.0.58), and 2.2(0.0.69). Root cause: improper implementation of AAA roles, allowing remote authenticated users to bypass access restrictions and execute commands via an active login se...