Cisco Security Manager 4.24

CPE Details

Cisco Security Manager 4.24
cisco
security_manager
4.24
2022-01-20
15h11 +00:00
2022-02-02
14h17 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cisco:security_manager:4.24:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

security_manager

Version

4.24

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2015-0594 2015-02-27 01h00 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS) and Cisco Security Manager, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq54654 and CSCun18263.
4.3
CVE-2013-5488 2013-09-11 23h00 +00:00 Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969.
5
CVE-2008-3820 2009-01-22 17h00 +00:00 Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.
6.8
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.