Socialminer Security Vulnerabilities and Issues — Socialminer CVE List

Lucene search

CiscoSocialminer

11 matches found

CVE•added 2019/01/24 4:29 p.m.•56 views

CVE-2019-1668

A vulnerability in the chat feed feature of Cisco SocialMiner could allow an unauthenticated, remote attacker to perform cross-site scripting (XSS) attacks against a user of the web-based user interface of an affected system. This vulnerability is due to insufficient sanitization of user-supplied i...

6.1CVSS6AI score0.0033EPSS

CVE•added 2018/06/07 12:29 p.m.•54 views

CVE-2017-6779

Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occu...

7.8CVSS7.5AI score0.00942EPSS

CVE•added 2017/11/16 7:29 a.m.•53 views

CVE-2017-12337

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a refresh upgrade (RU) or P...

10CVSS9.4AI score0.12274EPSS

CVE•added 2018/05/17 3:29 a.m.•46 views

CVE-2018-0290

A vulnerability in the TCP stack of Cisco SocialMiner could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition in the notification system. The vulnerability is due to faulty handling of new TCP connections to the affected application. An attacker could exploit th...

5.3CVSS5.5AI score0.00476EPSS

CVE•added 2017/09/07 9:29 p.m.•43 views

CVE-2017-12216

A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing an XML fil...

8.8CVSS8.6AI score0.01569EPSS

CVE•added 2018/10/17 10:0 p.m.•38 views

CVE-2018-15435

A vulnerability in the web-based management interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied...

6.1CVSS6AI score0.0012EPSS

CVE•added 2017/07/04 12:29 a.m.•37 views

CVE-2017-6702

A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. More Information: CSCve15285. Known Affected Releases: 11.5(1).

6.1CVSS5.9AI score0.00349EPSS

CVE•added 2013/09/13 2:10 p.m.•36 views

CVE-2013-5492

administration.jsp in Cisco SocialMiner allows remote attackers to obtain sensitive information by sniffing the network for HTTP client-server traffic, aka Bug ID CSCuh76780.

5CVSS6.4AI score0.0025EPSS

CVE•added 2015/11/04 3:59 a.m.•36 views

CVE-2015-6356

Cross-site scripting (XSS) vulnerability in the WeChat page in Cisco Social Miner 10.0(1) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuw60212.

4.3CVSS5.9AI score0.00402EPSS

CVE•added 2013/09/08 3:17 a.m.•27 views

CVE-2013-5483

Cross-site scripting (XSS) vulnerability in bookmarklet.jsp in Cisco SocialMiner allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuh73868.

4.3CVSS5.9AI score0.00295EPSS

CVE•added 2013/09/13 2:10 p.m.•25 views

CVE-2013-5489

The gadget implementation in Cisco SocialMiner does not properly restrict the content of GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug ID CSCuh74125.

5CVSS6.3AI score0.0026EPSS