Security Manager Security Vulnerabilities and Issues — Security Manager CVE List

Lucene search

CiscoSecurity Manager

5 matches found

CVE•added 2015/05/15 1:59 a.m.•41 views

CVE-2015-0727

Cross-site scripting (XSS) vulnerability in the HTTP module in Cisco Security Manager (CSM) 4.7(0)SP1(1) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut27789.

4.3CVSS5.8AI score0.00263EPSS

CVE•added 2014/04/02 3:58 a.m.•34 views

CVE-2014-2138

CRLF injection vulnerability in the web framework in Cisco Security Manager 4.2 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a crafted URL, aka Bug ID CSCun82349.

4.3CVSS7.1AI score0.00211EPSS

CVE•added 2014/05/20 11:13 a.m.•33 views

CVE-2014-3265

Cross-site scripting (XSS) vulnerability in the Auto Update Server (AUS) web framework in Cisco Security Manager 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuo06900.

4.3CVSS5.9AI score0.0043EPSS

CVE•added 2015/02/27 2:59 a.m.•33 views

CVE-2015-0594

Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS) and Cisco Security Manager, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq54654 and CSCun...

4.3CVSS5.9AI score0.00256EPSS

CVE•added 2014/05/26 12:25 a.m.•26 views

CVE-2014-3266

Cross-site scripting (XSS) vulnerability in the web framework in Cisco Security Manager 4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun65189.

4.3CVSS5.9AI score0.00309EPSS