Vulnerabilites related to cisco - unified_service_monitor
Vulnerability from fkie_nvd
Published
2009-05-21 14:30
Modified
2024-11-21 01:01
Severity ?
Summary
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.3:*:windows:*:*:*:*:*",
"matchCriteriaId": "EFFC3AE9-1B61-44F8-938B-6363EDB2DD5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.4:*:windows:*:*:*:*:*",
"matchCriteriaId": "1BB12692-8BCD-4601-83AE-12F1AFD1EF03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:windows:*:*:*:*:*",
"matchCriteriaId": "1017A34C-A119-41D4-AE10-1E35FAFF0547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:windows:*:*:*:*:*",
"matchCriteriaId": "5399066A-658B-4494-A291-DB20E0CE7687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "BD8374C6-D8A3-43CB-A9F7-8A71CD69BE9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "DC455CA4-A1F7-4614-9A6F-ABCB0C9026E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "F5941482-DB47-49E8-90BA-650073C3A233",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC556B9-7073-41E3-8099-00B796F8B68B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "87814504-DC6B-41CA-873E-F46B2F71A3FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EB783DD2-C6B7-406B-9DC4-E1BC832D025C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57CBDA0C-EE71-459C-AFA1-9879C6727287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CF9518-2D68-4E95-862B-54B622622B9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C446E75-5404-4875-AD94-DF953A7874FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B25F2-2DEB-4254-88DB-FA31AB6CA04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F77163A8-3F2F-473F-B776-A155D94011DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_voice_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F143B9-20B4-4140-805F-5F709290D6E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_voice_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "562CA8A8-C17E-4985-8EA0-E2CB61355FEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE4D6E7-9884-4C7B-BD40-F8C08E78E93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "921F93B3-84A8-471B-9A3A-780C76BA3685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_manager:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4686AD6B-CAB3-4CE5-9B13-D30613C614CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_readiness_assessment_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "668AEB8D-4923-4EAE-A67A-979D7B816108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC421340-135D-45AD-8E59-F1B62805ABEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5510F4F-93C9-4722-97F5-37A05B48C23D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C73FD728-7A22-4248-B4DA-62AB2704A411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "930EA844-7016-4EC3-833D-70D1B1DE6DA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C453852A-D639-4872-B8FE-AE7E2BC019A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4D4CAE-582C-47F5-A3D5-CC1D3BE00308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A0337CC9-B682-4135-B5C8-745B41474EBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14FC0DD7-81A3-4294-ACA5-0F8B05E7CC49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A5A8958-B3DE-443B-921F-3AE25FFBF615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B2F5BDC-A768-4A07-92A2-1C9DF484C3A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6041F558-D641-4067-BBC8-EC23D0A1ED18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56101F5A-4099-4027-859D-07CFE598F1B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en el servicio TFTP en Cisco CiscoWorks Common Services (CWCS) v3.0.x hasta v3.2.x en Windows, tambi\u00e9n utilizado en Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager y otros productos, lo que permite atacantes remotos acceder a ficheros arbitrarios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2009-1161",
"lastModified": "2024-11-21T01:01:48.360",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-05-21T14:30:00.390",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://jvn.jp/en/jp/JVN62527913/index.html"
},
{
"source": "psirt@cisco.com",
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
},
{
"source": "psirt@cisco.com",
"url": "http://osvdb.org/54616"
},
{
"source": "psirt@cisco.com",
"url": "http://secunia.com/advisories/35179"
},
{
"source": "psirt@cisco.com",
"url": "http://securitytracker.com/id?1022263"
},
{
"source": "psirt@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securityfocus.com/bid/35040"
},
{
"source": "psirt@cisco.com",
"url": "http://www.vupen.com/english/advisories/2009/1390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN62527913/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/54616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1022263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1390"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-10-29 19:00
Modified
2024-11-21 01:17
Severity ?
Summary
Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ciscoworks_common_services | 3.0.5 | |
| cisco | ciscoworks_common_services | 3.0.6 | |
| cisco | ciscoworks_common_services | 3.1 | |
| cisco | ciscoworks_common_services | 3.1.1 | |
| cisco | ciscoworks_common_services | 3.2 | |
| cisco | ciscoworks_common_services | 3.3 | |
| cisco | ciscoworks_lan_management_solution | 2.6 | |
| cisco | ciscoworks_lan_management_solution | 3.0 | |
| cisco | ciscoworks_lan_management_solution | 3.0 | |
| cisco | ciscoworks_lan_management_solution | 3.1 | |
| cisco | ciscoworks_lan_management_solution | 3.2 | |
| cisco | qos_policy_manager | 4.0 | |
| cisco | qos_policy_manager | 4.0.1 | |
| cisco | qos_policy_manager | 4.0.2 | |
| cisco | security_manager | 3.0.2 | |
| cisco | security_manager | 3.2 | |
| cisco | telepresence_readiness_assessment_manager | 1.0 | |
| cisco | unified_operations_manager | 2.0.1 | |
| cisco | unified_operations_manager | 2.0.2 | |
| cisco | unified_operations_manager | 2.0.3 | |
| cisco | unified_service_monitor | 2.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "88AD3EC2-36B1-4E34-BD7F-B1D02B32178A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC9C408-0BE2-45A6-ACB3-B9EBB22BC773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "499CD64C-8692-4BE7-8F5E-5964ACDA1972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2152A29-7074-4659-AA8A-BB3E793ED4A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "518309CD-F453-4B0B-8C1D-E534CE0E336B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "22DE1462-59AC-40BE-89DF-AB43CA3EC7BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.6:update:*:*:*:*:*:*",
"matchCriteriaId": "3D8B4ED2-15B4-4FE1-A159-D6435B5DCA5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CF9518-2D68-4E95-862B-54B622622B9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:december_2007:*:*:*:*:*:*",
"matchCriteriaId": "D81D6312-9A3E-483D-BBFC-C7688B3872A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C446E75-5404-4875-AD94-DF953A7874FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8493C0-A3FF-473A-BFD5-DB6051AE8DCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:qos_policy_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BEE8595-B861-4DAB-9708-B2DA30C36C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:qos_policy_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "96C5C060-E09E-4F28-9B87-0417DBFB9368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:qos_policy_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "83FCE4EC-B432-4768-BF3A-F1A29BD6B4B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_manager:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F831EEB-A499-4C76-A085-52F3D750E0FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_manager:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4686AD6B-CAB3-4CE5-9B13-D30613C614CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_readiness_assessment_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "668AEB8D-4923-4EAE-A67A-979D7B816108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2DF29A-4E30-442C-BB14-F22D955B112A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA03A21-13EF-476E-892B-D0A494779594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "107A78CC-8943-4D33-BE60-CBFC72FE405D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA713155-3826-401C-88E6-5D556513877A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352."
},
{
"lang": "es",
"value": "Multiples desbordamientos de b\u00fafer en la funci\u00f3n de autenticaci\u00f3n en el m\u00f3dulo web-server de Cisco CiscoWorks Common Services anterior a v4.0 permite a los atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de sesiones TCP en el puerto (1) 443 o (2) 1741, tambi\u00e9n conocido como \"Bug ID CSCti41352\"."
}
],
"id": "CVE-2010-3036",
"lastModified": "2024-11-21T01:17:55.163",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-10-29T19:00:02.013",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://osvdb.org/68927"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42011"
},
{
"source": "psirt@cisco.com",
"url": "http://securitytracker.com/id?1024646"
},
{
"source": "psirt@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
},
{
"source": "psirt@cisco.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/44468"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/68927"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/44468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2793"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-12 13:28
Modified
2024-11-21 01:57
Severity ?
Summary
Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | prime_lan_management_solution | - | |
| cisco | security_manager | * | |
| cisco | unified_operations_manager | - | |
| cisco | unified_service_monitor | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:prime_lan_management_solution:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E09BFF1-6273-4BC4-9DFA-563F490E2754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC03BFB-10FA-4276-930F-DB450E89DCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F10FFA-58FA-45BC-BD2A-7C01D8D02315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2F9E15-8B14-4CBB-B997-0DB94E9A5624",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969."
},
{
"lang": "es",
"value": "Cisco Common Services, utilizado en Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, y Cisco Unified Operations Manager, no interactua apropiadamente con el componente ActiveMQ, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (agotamiento de memoria) a trav\u00e9s de sesiones TCP simult\u00e1neas, tambien conocidas como Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, y CSCuh95969."
}
],
"id": "CVE-2013-5488",
"lastModified": "2024-11-21T01:57:34.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-12T13:28:32.207",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5488"
},
{
"source": "psirt@cisco.com",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30749"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securityfocus.com/bid/62333"
},
{
"source": "psirt@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30749"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/62333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87026"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-09-19 12:02
Modified
2024-11-21 01:28
Severity ?
Summary
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9DA2FE-4D4A-4050-AA4E-E600B85B6CD1",
"versionEndIncluding": "8.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B2F5BDC-A768-4A07-92A2-1C9DF484C3A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6041F558-D641-4067-BBC8-EC23D0A1ED18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA713155-3826-401C-88E6-5D556513877A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56101F5A-4099-4027-859D-07CFE598F1B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "457D7ED3-5F22-47E0-9849-39229F893774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7A0546-10A3-4E3F-83B8-A8C12CCCC745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0932-E5B5-4B2C-8216-433E0D6C4238",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CF9518-2D68-4E95-862B-54B622622B9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:december_2007:*:*:*:*:*:*",
"matchCriteriaId": "D81D6312-9A3E-483D-BBFC-C7688B3872A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C446E75-5404-4875-AD94-DF953A7874FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8493C0-A3FF-473A-BFD5-DB6051AE8DCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30403ADA-2382-402D-AAD3-6E86F8E23616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0810DAF4-2D1B-4B48-9DD1-BC417B3C7E04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "690FA80D-A157-4D4E-980D-C9AA0009D853",
"versionEndIncluding": "8.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC421340-135D-45AD-8E59-F1B62805ABEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5510F4F-93C9-4722-97F5-37A05B48C23D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C73FD728-7A22-4248-B4DA-62AB2704A411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2DF29A-4E30-442C-BB14-F22D955B112A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA03A21-13EF-476E-892B-D0A494779594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "107A78CC-8943-4D33-BE60-CBFC72FE405D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "930EA844-7016-4EC3-833D-70D1B1DE6DA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CA3DB6A-A1D4-4CB4-A62D-3269E27094D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D63D2042-C271-4671-9858-2DE4709BAD19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3BF00348-D8E9-4FC0-A6EA-7B16707441A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:ionix_acm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78FD3AEC-D4FF-49BB-86F1-8E90133E2418",
"versionEndIncluding": "2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:ionix_asam:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD264FD3-A076-4414-B159-D9A81B15A026",
"versionEndIncluding": "3.2.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:ionix_ip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A30BC92-680F-455D-A3A9-6690F78F485D",
"versionEndIncluding": "8.1.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en Unified Service Monitor de Cisco anterior a versi\u00f3n 8.6, tal y como es usado en Unified Operations Manager anterior a versi\u00f3n 8.6 y CiscoWorks LAN Management Solution versiones 3.x y 4.x anteriores a 4.1; y m\u00faltiples productos de Ionix de EMC, incluido Application Connectivity Monitor (Ionix ACM) versi\u00f3n 2.3 y versiones anteriores, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) versi\u00f3n 3.2.0.2 y anteriores, IP Management Suite (Ionix IP) versi\u00f3n 8.1.1.1 y versiones anteriores, y otros productos Ionix; permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de paquetes dise\u00f1ados al puerto TCP 9002, tambi\u00e9n se conoce como Bug IDs CSCtn42961 y CSCtn64922, relacionados con un desbordamiento de b\u00fafer."
}
],
"id": "CVE-2011-2738",
"lastModified": "2024-11-21T01:28:51.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-09-19T12:02:55.357",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45979"
},
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46016"
},
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46052"
},
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46053"
},
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
},
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
},
{
"source": "security_alert@emc.com",
"url": "http://www.osvdb.org/75442"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/bid/49627"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/bid/49644"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id?1026046"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id?1026047"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id?1026048"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id?1026059"
},
{
"source": "security_alert@emc.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45979"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/75442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/49627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/49644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026059"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-10 21:55
Modified
2024-11-21 01:53
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_operations_manager | - | |
| cisco | unified_service_monitor | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F10FFA-58FA-45BC-BD2A-7C01D8D02315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2F9E15-8B14-4CBB-B997-0DB94E9A5624",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en el framework web en la implementaci\u00f3n del gestor de comunicaciones en Cisco Unified Operations Manager y Unified Service Monitor, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de un par\u00e1metro no especificado, tambi\u00e9n conocido como Bug IDs CSCuh47574 y CSCuh95997."
}
],
"id": "CVE-2013-3416",
"lastModified": "2024-11-21T01:53:35.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-07-10T21:55:00.947",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3416"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securitytracker.com/id/1028765"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securitytracker.com/id/1028766"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1028765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1028766"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2011-2738
Vulnerability from cvelistv5
Published
2011-09-17 10:00
Modified
2024-08-06 23:08
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:08:23.911Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "46052",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46052"
},
{
"name": "1026048",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026048"
},
{
"name": "46053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46053"
},
{
"name": "45979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45979"
},
{
"name": "20110914 CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
},
{
"name": "75442",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/75442"
},
{
"name": "cisco-unspecified-code-execution(69828)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
},
{
"name": "46016",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46016"
},
{
"name": "49627",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49627"
},
{
"name": "49644",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49644"
},
{
"name": "20110914 Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
},
{
"name": "1026059",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026059"
},
{
"name": "1026047",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026047"
},
{
"name": "1026046",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026046"
},
{
"name": "20110914 ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "46052",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46052"
},
{
"name": "1026048",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026048"
},
{
"name": "46053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46053"
},
{
"name": "45979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45979"
},
{
"name": "20110914 CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
},
{
"name": "75442",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/75442"
},
{
"name": "cisco-unspecified-code-execution(69828)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
},
{
"name": "46016",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46016"
},
{
"name": "49627",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49627"
},
{
"name": "49644",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49644"
},
{
"name": "20110914 Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
},
{
"name": "1026059",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026059"
},
{
"name": "1026047",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026047"
},
{
"name": "1026046",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026046"
},
{
"name": "20110914 ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2011-2738",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "46052",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46052"
},
{
"name": "1026048",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026048"
},
{
"name": "46053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46053"
},
{
"name": "45979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45979"
},
{
"name": "20110914 CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
},
{
"name": "75442",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/75442"
},
{
"name": "cisco-unspecified-code-execution(69828)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
},
{
"name": "46016",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46016"
},
{
"name": "49627",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49627"
},
{
"name": "49644",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49644"
},
{
"name": "20110914 Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
},
{
"name": "1026059",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026059"
},
{
"name": "1026047",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026047"
},
{
"name": "1026046",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026046"
},
{
"name": "20110914 ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2011-2738",
"datePublished": "2011-09-17T10:00:00",
"dateReserved": "2011-07-13T00:00:00",
"dateUpdated": "2024-08-06T23:08:23.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3036
Vulnerability from cvelistv5
Published
2010-10-29 18:00
Modified
2024-08-07 02:55
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/68927 | vdb-entry, x_refsource_OSVDB | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml | vendor-advisory, x_refsource_CISCO | |
| http://securitytracker.com/id?1024646 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/44468 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/42011 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2010/2793 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:46.619Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "68927",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68927"
},
{
"name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
},
{
"name": "1024646",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024646"
},
{
"name": "44468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44468"
},
{
"name": "42011",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42011"
},
{
"name": "ADV-2010-2793",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2793"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-11-06T09:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "68927",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68927"
},
{
"name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
},
{
"name": "1024646",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024646"
},
{
"name": "44468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44468"
},
{
"name": "42011",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42011"
},
{
"name": "ADV-2010-2793",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2793"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-3036",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "68927",
"refsource": "OSVDB",
"url": "http://osvdb.org/68927"
},
{
"name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
},
{
"name": "1024646",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024646"
},
{
"name": "44468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44468"
},
{
"name": "42011",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42011"
},
{
"name": "ADV-2010-2793",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2793"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-3036",
"datePublished": "2010-10-29T18:00:00",
"dateReserved": "2010-08-17T00:00:00",
"dateUpdated": "2024-08-07T02:55:46.619Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1161
Vulnerability from cvelistv5
Published
2009-05-21 14:00
Modified
2024-08-07 05:04
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html | third-party-advisory, x_refsource_JVNDB | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/35040 | vdb-entry, x_refsource_BID | |
| http://jvn.jp/en/jp/JVN62527913/index.html | third-party-advisory, x_refsource_JVN | |
| http://osvdb.org/54616 | vdb-entry, x_refsource_OSVDB | |
| http://securitytracker.com/id?1022263 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2009/1390 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/35179 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:48.874Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2009-000032",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
},
{
"name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
},
{
"name": "35040",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35040"
},
{
"name": "JVN#62527913",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN62527913/index.html"
},
{
"name": "54616",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54616"
},
{
"name": "1022263",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022263"
},
{
"name": "ADV-2009-1390",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1390"
},
{
"name": "35179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-06-04T09:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "JVNDB-2009-000032",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
},
{
"name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
},
{
"name": "35040",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35040"
},
{
"name": "JVN#62527913",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN62527913/index.html"
},
{
"name": "54616",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54616"
},
{
"name": "1022263",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022263"
},
{
"name": "ADV-2009-1390",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1390"
},
{
"name": "35179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2009-1161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2009-000032",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
},
{
"name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
},
{
"name": "35040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35040"
},
{
"name": "JVN#62527913",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN62527913/index.html"
},
{
"name": "54616",
"refsource": "OSVDB",
"url": "http://osvdb.org/54616"
},
{
"name": "1022263",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022263"
},
{
"name": "ADV-2009-1390",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1390"
},
{
"name": "35179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2009-1161",
"datePublished": "2009-05-21T14:00:00",
"dateReserved": "2009-03-26T00:00:00",
"dateUpdated": "2024-08-07T05:04:48.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3416
Vulnerability from cvelistv5
Published
2013-07-10 21:00
Modified
2024-08-06 16:07
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1028765 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1028766 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3416 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:07:37.929Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1028765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028765"
},
{
"name": "1028766",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028766"
},
{
"name": "20130709 Cisco Unified Communications Management Products Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3416"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-20T09:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1028765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028765"
},
{
"name": "1028766",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028766"
},
{
"name": "20130709 Cisco Unified Communications Management Products Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3416"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-3416",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1028765",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028765"
},
{
"name": "1028766",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028766"
},
{
"name": "20130709 Cisco Unified Communications Management Products Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3416"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-3416",
"datePublished": "2013-07-10T21:00:00",
"dateReserved": "2013-05-06T00:00:00",
"dateUpdated": "2024-08-06T16:07:37.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-5488
Vulnerability from cvelistv5
Published
2013-09-12 01:00
Modified
2024-08-06 17:15
Severity ?
EPSS score ?
Summary
Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=30749 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/87026 | vdb-entry, x_refsource_XF | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5488 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/62333 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:20.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30749"
},
{
"name": "cisco-cve20135488-dos(87026)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87026"
},
{
"name": "20130911 Common Services ActiveMQ Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5488"
},
{
"name": "62333",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/62333"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30749"
},
{
"name": "cisco-cve20135488-dos(87026)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87026"
},
{
"name": "20130911 Common Services ActiveMQ Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5488"
},
{
"name": "62333",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/62333"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-5488",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30749",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30749"
},
{
"name": "cisco-cve20135488-dos(87026)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87026"
},
{
"name": "20130911 Common Services ActiveMQ Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5488"
},
{
"name": "62333",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62333"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-5488",
"datePublished": "2013-09-12T01:00:00",
"dateReserved": "2013-08-22T00:00:00",
"dateUpdated": "2024-08-06T17:15:20.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}