Cisco

Prime Service Catalog

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2022-20680

  • EPSS 0.32%
  • Veröffentlicht 10.02.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:43:18

A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper enforcement of Administrat...

10

CVE-2021-44228

Warnung Exploit
  • EPSS 94.36%
  • Veröffentlicht 10.12.2021 10:15:09
  • Zuletzt bearbeitet 08.08.2025 18:52:00

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An atta...

8.8

CVE-2019-1874

  • EPSS 0.68%
  • Veröffentlicht 20.06.2019 03:15:12
  • Zuletzt bearbeitet 21.11.2024 04:37:35

A vulnerability in the web-based management interface of Cisco Prime Service Catalog Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to ins...

4.8

CVE-2019-1875

  • EPSS 0.16%
  • Veröffentlicht 20.06.2019 03:15:12
  • Zuletzt bearbeitet 21.11.2024 04:37:35

A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to i...

5.4

CVE-2018-15451

  • EPSS 0.14%
  • Veröffentlicht 08.11.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:50:49

A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability ...

6.5

CVE-2018-0285

  • EPSS 0.88%
  • Veröffentlicht 02.05.2018 22:29:01
  • Zuletzt bearbeitet 21.11.2024 03:37:53

A vulnerability in service logging for Cisco Prime Service Catalog could allow an authenticated, remote attacker to deny service to the user interface. The vulnerability is due to exhaustion of disk space. An attacker could exploit this vulnerability...

6.1

CVE-2018-0200

  • EPSS 0.17%
  • Veröffentlicht 22.02.2018 00:29:00
  • Zuletzt bearbeitet 21.11.2024 03:37:43

A vulnerability in the web-based interface of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface of an affected product. The v...

8.8

CVE-2018-0107

  • EPSS 0.33%
  • Veröffentlicht 18.01.2018 06:29:01
  • Zuletzt bearbeitet 21.11.2024 03:37:32

A vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection....

6.5

CVE-2017-12364

  • EPSS 0.33%
  • Veröffentlicht 30.11.2017 09:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A SQL Injection vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unauthorized Structured Query Language (SQL) queries. The vulnerability is due to a failure to validate user-...

6.1

CVE-2017-3866

  • EPSS 0.29%
  • Veröffentlicht 17.03.2017 22:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A vulnerability in the web framework code of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. More Information: CS...