CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0651
https://notcve.org/view.php?id=CVE-2014-0651
08 Jan 2014 — The administrative interface in Cisco Context Directory Agent (CDA) does not properly enforce authorization requirements, which allows remote authenticated users to obtain administrative access by hijacking a session, aka Bug ID CSCuj45347. El interfaz administrativo en Cisco Context Directory Agent (CDA) no fuerza apropiadamente los requisitos de autenticación, lo que permite a usuarios autenticados obtener acceso administrativo secuestrando una sesión, tambien conocido como Bug ID CSCuj45347. • http://osvdb.org/101809 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0652
https://notcve.org/view.php?id=CVE-2014-0652
08 Jan 2014 — Cross-site scripting (XSS) vulnerability in the Mappings page in Cisco Context Directory Agent (CDA) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuj45358. Vulnerabilidad cross-site scripting (XSS) en la página Mappings de Cisco Context Directory Agent (CDA) per4mite a atacantes remotos inyectar script web o HTML de forma arbitraria a través de una URL manipulada, tambien conocido como Bug ID CSCuj45358. • http://osvdb.org/101803 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0654
https://notcve.org/view.php?id=CVE-2014-0654
08 Jan 2014 — Cisco Context Directory Agent (CDA) allows remote attackers to modify the cache via a replay attack involving crafted RADIUS accounting messages, aka Bug ID CSCuj45383. Cisco Context Directory Agent (CDA) permite a atacantes remotos modificar la cache a través de un ataque replay que involucra mensajes RADIUS manipulados, tambien conocido como Bug ID CSCuj45383. • http://osvdb.org/101802 • CWE-20: Improper Input Validation •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0656
https://notcve.org/view.php?id=CVE-2014-0656
08 Jan 2014 — Cisco Context Directory Agent (CDA) allows remote authenticated users to trigger the omission of certain user-interface data via crafted field values, aka Bug ID CSCuj45353. Cisco Context Directory Agent (CDA) permite a los usuarios remotos autenticados desencadenar la omisión de ciertos datos de la interfaz de usuario a través de los valores de campo manipulados, también conocido como Bug ID CSCuj45353. • http://osvdb.org/101801 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2013-1196
https://notcve.org/view.php?id=CVE-2013-1196
29 Apr 2013 — The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning Manager, Network Services Manager, Prime Data Center Network Manager (DCNM), and Quad does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCug29384, CSCug13866, C... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1196 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2013-1125
https://notcve.org/view.php?id=CVE-2013-1125
19 Feb 2013 — The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1125 • CWE-20: Improper Input Validation •