5 matches found
CVE-2014-2118
Cisco Prime Security Manager (PRSM) prior to and including version 9.2(.1-2) contains multiple cross-site scripting (XSS) vulnerabilities in dashboard-related HTML pages. The root cause is insufficient input validation in several dashboard HTML parameters, allowing remote attackers to inject arbi...
CVE-2012-4629
The CVE-2012-4629 issue affects Cisco ASA-CX Context-Aware Security module and Cisco Prime Security Manager (PRSM) prior to version 9.0.2-103. The vulnerability allows remote attackers to cause a denial of service (disk consumption and application hang) by sending unspecified IPv4 packets that tr...
CVE-2016-1301
CVE-2016-1301 affects Cisco ASA-CX Content-Aware Security software prior to 9.3.1.1(112) and Cisco Prime Security Manager prior to 9.3.1.1(112). The RBAC implementation flaw allows remote authenticated users to change arbitrary passwords by sending a crafted HTTP request. Impact is elevated privi...
CVE-2014-3365
CVE-2014-3365 (Cisco Prime Security Manager) affects PRSM versions up to 9.2(.1-2) and earlier. The vulnerability is a result of improper input validation in the Dashboard and Configure Realm pages, allowing an unauthenticated, remote attacker to inject and execute arbitrary web script or HTML (X...
CVE-2014-3364
Cisco Prime Security Manager (PRSM) web framework contains XSS vulnerabilities (CVE-2014-3364) in versions 9.2.1-2 and earlier. The underlying issue is insufficient input validation on parameters in the Access Policies and Device Summary Dashboard pages, enabling remote attackers to inject arbitr...