CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-1156
https://notcve.org/view.php?id=CVE-2013-1156
Directory traversal vulnerability in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to read arbitrary files via a crafted URL, aka Bug ID CSCud51034. Vulnerabilidad de salto de directorio en Cisco Prime Central para Hosted Collaboration Solution, permite a atacantes remotos leer archivos de su elección a través de una URL manipulada. Aka Bug ID CSCud51034. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1156 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-1159
https://notcve.org/view.php?id=CVE-2013-1159
Cross-site scripting (XSS) vulnerability in the Netcool Impact (NCI) web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud56706. Vulnerabilidad XSS en los menús web de Netcool Impact (NCI) en Cisco Prime Central para Hosted Collaboration Solution permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un parámetro no especificado. Aka Bug ID CSCud56706. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1159 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-1158
https://notcve.org/view.php?id=CVE-2013-1158
Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring (ITM) help menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud54397. Vulnerabilidad XSS en los menús de ayuda de IBM Tivoli Monitoring (ITM) en Cisco Prime Central para Hosted Collaboration Solution permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un parámetro no especificado. Aka Bug ID CSCud54397. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1158 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-1160
https://notcve.org/view.php?id=CVE-2013-1160
Cross-site scripting (XSS) vulnerability in the OpenView web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud56743. Vulnerabilidad XSS en los menús web de OpenView en Cisco Prime Central para Hosted Collaboration Solution permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un parámetro no especificado. Aka Bug ID CSCud56743. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1160 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 11EXPL: 0CVE-2013-1196
https://notcve.org/view.php?id=CVE-2013-1196
The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning Manager, Network Services Manager, Prime Data Center Network Manager (DCNM), and Quad does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCug29384, CSCug13866, CSCug29400, CSCug29406, CSCug29411, CSCug29413, CSCug29416, CSCug29418, CSCug29422, CSCug29425, and CSCug29426, a different issue than CVE-2013-1125. La interfaz de línea de comandos en el sistema Cisco Secure Access Control (ACS), Servicios de Identidad del motor de software, Agente de Directorio Contexto, Gerente de Redes de Aplicaciones (ANM), Sistema de Control de Red Prime, LAN Management Solution Prime (LMS), Prime Collaboration, Provisioning Manager Unificado , Network Services Manager, el primer Data Center Network Manager (DCNM) y Quad no validan correctamente la entrada, lo que permite a usuarios locales obtener privilegios de root a través de vectores no especificados. Vulnerabilidad también conocida como Bug ID CSCug29384, CSCug13866, CSCug29400, CSCug29406, CSCug29411, CSCug29413, CSCug29416 , CSCug29418, CSCug29422, CSCug29425 y CSCug29426. Se trata de una cuestión diferente que CVE-2013-1125. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1196 • CWE-20: Improper Input Validation •