Filtered by vendor Cisco Subscriptions
Total 6587 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2014-0723 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum05343.
CVE-2014-0718 1 Cisco 1 Ips Sensor Software 2025-04-11 N/A
The produce-verbose-alert feature in Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via fragmented packets, aka Bug ID CSCui91266.
CVE-2014-0709 1 Cisco 1 Ucs Director 2025-04-11 N/A
Cisco UCS Director (formerly Cloupia) before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930.
CVE-2014-0654 1 Cisco 1 Context Directory Agent 2025-04-11 N/A
Cisco Context Directory Agent (CDA) allows remote attackers to modify the cache via a replay attack involving crafted RADIUS accounting messages, aka Bug ID CSCuj45383.
CVE-2014-0653 1 Cisco 1 Adaptive Security Appliance 2025-04-11 N/A
The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340.
CVE-2014-0651 1 Cisco 1 Context Directory Agent 2025-04-11 N/A
The administrative interface in Cisco Context Directory Agent (CDA) does not properly enforce authorization requirements, which allows remote authenticated users to obtain administrative access by hijacking a session, aka Bug ID CSCuj45347.
CVE-2014-0649 1 Cisco 1 Secure Access Control System 2025-04-11 N/A
The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180.
CVE-2013-6971 1 Cisco 1 Webex Training Center 2025-04-11 N/A
Open redirect vulnerability in Cisco WebEx Training Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul57140.
CVE-2013-6970 1 Cisco 1 Webex Meeting Center 2025-04-11 N/A
Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information by reading verbose error messages within server responses, aka Bug ID CSCul35928.
CVE-2013-6969 1 Cisco 1 Webex Training Center 2025-04-11 N/A
The training-registration page in Cisco WebEx Training Center allows remote attackers to modify unspecified fields via unknown vectors, aka Bug ID CSCul35990.
CVE-2013-6967 1 Cisco 1 Webex Sales Center 2025-04-11 N/A
Open redirect vulnerability in the mobile-browser subsystem in Cisco WebEx Sales Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul36020.
CVE-2013-6965 1 Cisco 1 Webex Training Center 2025-04-11 N/A
The registration component in Cisco WebEx Training Center provides the training-session URL before e-mail confirmation is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul36183.
CVE-2013-6962 1 Cisco 1 Webex Meeting Center 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the mobile-browser subsystem in Cisco WebEx Meeting Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36228.
CVE-2013-6961 1 Cisco 1 Webex Meeting Center 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Collaboration Partner Access Console (CPAC) in Cisco WebEx Meeting Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36237.
CVE-2013-6960 1 Cisco 1 Webex Meeting Center 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Meeting Center allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36248.
CVE-2013-3420 1 Cisco 2 Identity Services Engine, Identity Services Engine Software 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in the web framework on the Cisco Identity Services Engine (ISE) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuh25506.
CVE-2013-3421 1 Cisco 1 Secure Access Control System 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Help index page in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75170.
CVE-2013-3422 1 Cisco 1 Secure Access Control System 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Administration pages in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75165.
CVE-2013-3423 1 Cisco 1 Secure Access Control System 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCud75174.
CVE-2013-3424 1 Cisco 1 Secure Access Control System 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in Administration and View pages in Cisco Secure Access Control System (ACS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCud75177.