CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2009-0615
https://notcve.org/view.php?id=CVE-2009-0615
Directory traversal vulnerability in Cisco Application Networking Manager (ANM) before 2.0 and Application Control Engine (ACE) Device Manager before A3(2.1) allows remote authenticated users to read or modify arbitrary files via unspecified vectors, related to "invalid directory permissions." Vulnerabilidad de salto de directorio en Cisco Application Networking Manager (ANM) anterior a v2.0 y Application Control Engine (ACE) Device Manager anterior a vA3(2.1) permite a usuarios atenticados remotamente leer o modificar ficheros de su elección a através de vectores sin especificar relacionados con "permisos de directorio inválido". • http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml http://www.securityfocus.com/bid/33903 http://www.securitytracker.com/id?1021770 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2009-0617
https://notcve.org/view.php?id=CVE-2009-0617
Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files. Cisco Application Networking Manager (ANM) anteriores a v2.0 utiliza una contraseña por defecto para el directorio raíz MySQL, el cual hace más fácil para atacantes remotos ejecutar arbitrariamente comandos del sistema operativo o cambiar archivos del sistema. • http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml http://www.securityfocus.com/bid/33903 http://www.securitytracker.com/id?1021771 • CWE-255: Credentials Management Errors •
CVSS: 8.5EPSS: 0%CPEs: 3EXPL: 0CVE-2009-0618
https://notcve.org/view.php?id=CVE-2009-0618
Unspecified vulnerability in the Java agent in Cisco Application Networking Manager (ANM) before 2.0 Update A allows remote attackers to gain privileges, and cause a denial of service (service outage) by stopping processes, or obtain sensitive information by reading configuration files. Vulnerabilidad no especificada en el agente Java de Cisco Application Networking Manager (ANM) anterior a 2.0 Actualización A, permite a atacantes remotos obtener privilegios y provocar una denegación de servicio -parada del servicio- deteniendo procesos, u obteniendo información sensible leyendo los ficheros de configuración. • http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml http://www.securityfocus.com/bid/33903 http://www.securitytracker.com/id?1021772 •
CVSS: 5.0EPSS: 12%CPEs: 8EXPL: 0CVE-2005-4794
https://notcve.org/view.php?id=CVE-2005-4794
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. • http://secunia.com/advisories/15472 http://securitytracker.com/id?1014043 http://securitytracker.com/id?1014044 http://securitytracker.com/id?1014045 http://securitytracker.com/id?1014046 http://securitytracker.com/id? •
CVSS: 5.0EPSS: 1%CPEs: 53EXPL: 0CVE-2005-0598
https://notcve.org/view.php?id=CVE-2005-0598
The RealServer RealSubscriber on Cisco devices running Application and Content Networking System (ACNS) 5.1 allow remote attackers to cause a denial of service (CPU consumption) via malformed packets. • http://secunia.com/advisories/14395 http://www.cisco.com/warp/public/707/cisco-sa-20050224-acnsdos.shtml http://www.kb.cert.org/vuls/id/579240 http://www.securityfocus.com/bid/12648 https://exchange.xforce.ibmcloud.com/vulnerabilities/19469 •