Cisco

Security Manager

29 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2022-20637

  • EPSS 0.17%
  • Veröffentlicht 14.01.2022 05:15:10
  • Zuletzt bearbeitet 21.11.2024 06:43:12

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insuffi...

6.1

CVE-2022-20636

  • EPSS 0.17%
  • Veröffentlicht 14.01.2022 05:15:10
  • Zuletzt bearbeitet 21.11.2024 06:43:12

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insuffi...

6.1

CVE-2022-20635

  • EPSS 0.15%
  • Veröffentlicht 14.01.2022 05:15:10
  • Zuletzt bearbeitet 21.11.2024 06:43:12

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insuffi...

9.1

CVE-2020-27130

  • EPSS 14.13%
  • Veröffentlicht 17.11.2020 04:15:12
  • Zuletzt bearbeitet 21.11.2024 05:20:46

A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of directory traversal character sequences within requests to an affect...

10

CVE-2020-27131

  • EPSS 88.49%
  • Veröffentlicht 17.11.2020 04:15:12
  • Zuletzt bearbeitet 21.11.2024 05:20:46

Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. These vulnerabilities are due to insecure deseri...

9.8

CVE-2020-27125

  • EPSS 1.11%
  • Veröffentlicht 17.11.2020 03:15:12
  • Zuletzt bearbeitet 21.11.2024 05:20:45

A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An at...

9.8

CVE-2019-12630

  • EPSS 32.49%
  • Veröffentlicht 02.10.2019 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:23:13

A vulnerability in the Java deserialization function used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supp...

9.1

CVE-2019-1903

  • EPSS 0.84%
  • Veröffentlicht 20.06.2019 03:15:12
  • Zuletzt bearbeitet 21.11.2024 04:37:39

A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information or cause a denial of service (DoS) condition. The vulnerability is due to improper restrictions on XML entities. An attacker cou...

6.1

CVE-2018-0223

  • EPSS 0.17%
  • Veröffentlicht 08.03.2018 07:29:01
  • Zuletzt bearbeitet 21.11.2024 03:37:46

A vulnerability in DesktopServlet in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface. The ...

4.3

CVE-2015-0594

  • EPSS 0.26%
  • Veröffentlicht 27.02.2015 02:59:32
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS) and Cisco Security Manager, allow remote attackers to inject arbitrary web script or HTML via unspeci...