Lucene search
K

17 matches found

CVE
CVE
added 2022/01/14 5:1 a.m.152 views

CVE-2022-20647

Cisco Security Manager’s web-based management interface contains cross-site scripting vulnerabilities caused by insufficient input validation. An unauthenticated, remote attacker could lure a user to click a crafted link to execute arbitrary script code within the interface or access browser-base...

6.1CVSS6.2AI score0.00759EPSS
CVE
CVE
added 2022/01/14 5:5 a.m.126 views

CVE-2022-20635

CVE-2022-20635 refers to multiple cross-site scripting vulnerabilities in the web-based management interface of Cisco Security Manager. The flaws arise from insufficient validation of user-supplied input, allowing an unauthenticated, remote attacker to persuade a user to click a crafted link and ...

6.1CVSS6.2AI score0.00759EPSS
CVE
CVE
added 2022/01/14 5:0 a.m.115 views

CVE-2022-20641

CVE-2022-20641 affects Cisco Security Manager’s web-based management interface. The vulnerabilities stem from insufficient input validation, enabling an unauthenticated attacker to perform cross-site scripting by tricking a user into clicking a crafted link. Impact described: execution of arbitra...

6.1CVSS6.2AI score0.00759EPSS
CVE
CVE
added 2022/01/14 5:0 a.m.113 views

CVE-2022-20642

CVE-2022-20642 refers to multiple cross-site scripting vulnerabilities in Cisco Security Manager’s Web-based management interface. The root cause is insufficient validation/handling of user-supplied input, allowing an unauthenticated, remote attacker to lure a user into clicking a crafted link an...

6.1CVSS6.2AI score0.00759EPSS
CVE
CVE
added 2022/01/14 5:5 a.m.96 views

CVE-2022-20637

CVE-2022-20637 affects Cisco Security Manager web-based management interface. Multiple cross-site scripting vulnerabilities arise from insufficient validation of user-supplied input. An unauthenticated, remote attacker could entice a user to click a crafted link, potentially allowing execution of...

6.1CVSS6.2AI score0.00759EPSS
CVE
CVE
added 2022/01/14 5:1 a.m.94 views

CVE-2022-20645

CVE-2022-20645 concerns Cisco Security Manager. The issue is cross-site scripting via the web-based management interface caused by inadequate input validation. An unauthenticated, remote attacker can lure a user to click a crafted link to execute arbitrary script code in the interface context or ...

6.1CVSS6.2AI score0.00759EPSS
CVE
CVE
added 2022/01/14 5:0 a.m.90 views

CVE-2022-20643

CVE-2022-20643 involves multiple cross-site scripting vulnerabilities in Cisco Security Manager’s web-based management interface, caused by insufficient validation of user input. An unauthenticated, remote attacker could lure a user into clicking a crafted link to execute arbitrary script code in...

6.1CVSS6.2AI score0.00759EPSS
CVE
CVE
added 2022/01/14 5:5 a.m.85 views

CVE-2022-20638

CVE-2022-20638 affects the web-based management interface of Cisco Security Manager. The issue is cross-site scripting due to insufficient validation of user-supplied input, allowing an unauthenticated, remote attacker to induce a user to click a crafted link and potentially execute arbitrary scr...

6.1CVSS6.2AI score0.00759EPSS
CVE
CVE
added 2022/01/14 5:0 a.m.80 views

CVE-2022-20644

CVE-2022-20644 refers to multiple cross-site scripting vulnerabilities in Cisco Security Manager’s web-based management interface. Root cause: insufficient validation of user-supplied input. Exploitation requires convincing a user to click a crafted link, enabling an unauthenticated, remote attac...

6.1CVSS6.2AI score0.00759EPSS
CVE
CVE
added 2022/01/14 5:5 a.m.77 views

CVE-2022-20639

Cisco Security Manager’s web-based management interface contains cross-site scripting vulnerabilities due to insufficient input validation. An unauthenticated remote attacker could lure a user to click a crafted link to execute arbitrary script code in the interface’s context or access browser-ba...

6.1CVSS6.2AI score0.00759EPSS
CVE
CVE
added 2019/10/02 6:15 p.m.74 views

CVE-2019-12630

Cisco Security Manager (CSM) is affected by CVE-2019-12630 due to insecure Java deserialization, enabling unauthenticated remote command execution via a malicious serialized object sent to a listener. The vulnerability permits execution of arbitrary commands on the device with casuser privileges....

9.8CVSS8.5AI score0.65846EPSS
CVE
CVE
added 2022/01/14 5:1 a.m.71 views

CVE-2022-20646

Cisco Security Manager’s web-based management interface contains cross-site scripting vulnerabilities due to insufficient input validation. An unauthenticated, remote attacker could persuade a user to click a crafted link and potentially execute arbitrary script code within the interface or acces...

6.1CVSS6.2AI score0.00759EPSS
CVE
CVE
added 2022/01/14 5:5 a.m.67 views

CVE-2022-20636

Multiple cross-site scripting vulnerabilities affect the web-based management interface of Cisco Security Manager (CSM). The issues arise from insufficient input validation, allowing an unauthenticated, remote attacker to lure a user into clicking a crafted link and execute arbitrary script code ...

6.1CVSS6.2AI score0.00759EPSS
CVE
CVE
added 2009/01/22 6:0 p.m.63 views

CVE-2008-3820

Cisco Security Manager 3.1 and 3.2 (prior to 3.2.2) is affected. When Cisco IPS Event Viewer (IEV) is launched, the server and client open remotely accessible TCP ports for the MySQL/IEV services, allowing unauthenticated remote access to the IEV database and server and potentially root-level ope...

6.8CVSS6.6AI score0.01379EPSS
CVE
CVE
added 2022/01/14 5:0 a.m.63 views

CVE-2022-20640

CVE-2022-20640 affects Cisco Security Manager’s web-based management interface. The issue is cross-site scripting due to insufficient validation of user input, allowing unauthenticated attackers to entice users to click a crafted link and potentially execute arbitrary script code or access browse...

6.1CVSS6.2AI score0.00759EPSS
CVE
CVE
added 2015/02/27 2:0 a.m.49 views

CVE-2015-0594

Cisco Common Services (used by Cisco Prime LAN Management Solution and Cisco Security Manager) contains cross-site scripting (XSS) vulnerabilities in the help pages. The root cause is insufficient input validation of some parameters used by the help page system, allowing remote attackers to trigg...

4.3CVSS5.9AI score0.01792EPSS
CVE
CVE
added 2013/09/12 1:0 a.m.46 views

CVE-2013-5488

Cisco Common Services (used in Cisco Prime LMS, Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager) fails to properly interact with ActiveMQ, allowing an unauthenticated remote attacker to cause memory-based DoS by opening multiple concurrent TCP sessions....

5CVSS6.8AI score0.0157EPSS