CVE-2014-3364
https://notcve.org/view.php?id=CVE-2014-3364
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Prime Security Manager (aka PRSM) 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via a (1) Access Policies or (2) Device Summary Dashboard parameter, aka Bug ID CSCuq80661. Múltiples vulnerabilidades de XSS en el Framework web de Cisco Prime Security Manager 9.2.1-2 y anteriores (también conocido como PRSM) permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de los parámetros (1) Access Policies o (2) Device Summary Dashboard, también conocido como Bug ID CSCuq80661. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3364 http://tools.cisco.com/security/center/viewAlert.x?alertId=36741 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2014-2118
https://notcve.org/view.php?id=CVE-2014-2118
Multiple cross-site scripting (XSS) vulnerabilities in dashboard-related HTML documents in Cisco Prime Security Manager (aka PRSM) 9.2(.1-2) and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCun50687. Múltiples vulnerabilidades de XSS en documentos HTML relacionados con el cuadro de mandos en Cisco Prime Security Manager (también conocido como PRSM) 9.2(.1-2) y anteriores permiten a atacantes remotos inyectar script Web o HTML arbitrarios a través de parámetros no especificados, también conocido como Bug ID CSCun50687. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2118 http://tools.cisco.com/security/center/viewAlert.x?alertId=33542 http://www.securityfocus.com/bid/66488 http://www.securitytracker.com/id/1029968 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-5488
https://notcve.org/view.php?id=CVE-2013-5488
Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969. Cisco Common Services, utilizado en Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, y Cisco Unified Operations Manager, no interactua apropiadamente con el componente ActiveMQ, lo que permite a atacantes remotos causar una denegación de servicio (agotamiento de memoria) a través de sesiones TCP simultáneas, tambien conocidas como Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, y CSCuh95969. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5488 http://tools.cisco.com/security/center/viewAlert.x?alertId=30749 http://www.securityfocus.com/bid/62333 https://exchange.xforce.ibmcloud.com/vulnerabilities/87026 • CWE-20: Improper Input Validation •
CVE-2012-4629
https://notcve.org/view.php?id=CVE-2012-4629
The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to cause a denial of service (disk consumption and application hang) via unspecified IPv4 packets that trigger log entries, aka Bug ID CSCub70603. El módulo Cisco ASA-CX Context-Aware Security antes de v9.0.2-103 para dispositivos Adaptive Security Appliances (ASA) y Prime Security Manager (también conocidos como PRSM) antes de v9.0.2-103, permite a atacantes remotos provocar una denegación de servicio (consumo de disco y cuelgue de la aplicación), a través de paquetes IPv4 que activan entradas de registro. También conocido como Bug ID CSCub70603 • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx http://www.securityfocus.com/bid/55515 • CWE-399: Resource Management Errors •