Lucene search
K
CiscoSecurity Monitoring Analysis And Response System

4 matches found

CVE
CVE
added 2006/07/19 11:0 p.m.90 views

CVE-2006-3733

The CVE describes a vulnerability in CS-MARS where jmx-console/HtmlAdaptor in the JBoss web server allows a remote attacker to gain CS-MARS administrator privileges and execute arbitrary Java code via an invokeOp action in the BSHDeployer jboss.scripts service name. Affected product is Cisco CS-M...

7.5CVSS7.5AI score0.1176EPSS
Web
CVE
CVE
added 2013/11/06 11:0 a.m.53 views

CVE-2013-5563

CVE-2013-5563 is a cross-site scripting (XSS) vulnerability in Cisco Security Monitoring, Analysis and Response System (CS-MARS). The issue arises because input passed to Query/NewQueryResult.jsp (notably the isnowLatency parameter) is not properly sanitized, allowing an attacker to inject arbitr...

4.3CVSS5.8AI score0.0096EPSS
Web
CVE
CVE
added 2007/01/20 1:0 a.m.47 views

CVE-2007-0397

The CVE-2007-0397 issue affects Cisco CS-MARS (before 4.2.3) and ASDM (before 5.2(2.54)); both do not validate SSL/TLS certificates or SSH public keys when connecting to devices, enabling remote spoofing to obtain sensitive info or present false data. Cisco’s advisory notes that updated software ...

6.4CVSS6.3AI score0.0281EPSS
CVE
CVE
added 2013/03/06 11:0 a.m.39 views

CVE-2013-1140

The vulnerability CVE-2013-1140 affects Cisco’s Security Monitoring, Analysis, and Response System (MARS). It stems from improper handling of XML External Entity (XXE) in the XML parser, allowing unauthenticated, remote attackers to read arbitrary files via an external entity declaration and an e...

4.3CVSS6.9AI score0.01161EPSS