CVSS: 10.0EPSS: 15%CPEs: 28EXPL: 0CVE-2011-2738 – Cisco Unified Service Monitor brstart sm_read_string_length Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2738
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow. Múltiples vulnerabilidades no especificadas en Unified Service Monitor de Cisco anterior a versión 8.6, tal y como es usado en Unified Operations Manager anterior a versión 8.6 y CiscoWorks LAN Management Solution versiones 3.x y 4.x anteriores a 4.1; y múltiples productos de Ionix de EMC, incluido Application Connectivity Monitor (Ionix ACM) versión 2.3 y versiones anteriores, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) versión 3.2.0.2 y anteriores, IP Management Suite (Ionix IP) versión 8.1.1.1 y versiones anteriores, y otros productos Ionix; permiten a los atacantes remotos ejecutar código arbitrario por medio de paquetes diseñados al puerto TCP 9002, también se conoce como Bug IDs CSCtn42961 y CSCtn64922, relacionados con un desbordamiento de búfer. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Unified Service Monitor due to bundled EMC SMARTS application server. Authentication is not required to exploit this vulnerability. The flaw exists within the brstart.exe service which listens by default on TCP port 9002. When handling the authentication portion of a SMARTS request the process extracts a user provided value to allocate a buffer via sm_read_string_length then blindly copies user supplied data into this buffer on the heap. • http://secunia.com/advisories/45979 http://secunia.com/advisories/46016 http://secunia.com/advisories/46052 http://secunia.com/advisories/46053 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml http://www.osvdb.org/75442 http://www.securityfocus.com/archive/1/519646/100/0/threaded http://www.securityfocus.com/bid/49627 http://www.securityfocus.com/bid/49644 http:/&# •
CVSS: 4.3EPSS: 2%CPEs: 10EXPL: 9CVE-2011-0959 – Cisco Unified Operations Manager 8.5 - '/iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp' Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-0959
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en Cisco Unified Operations Manager (CUOM) antes de v8.6, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de (1) el parámetro extn de iptm/advancedfind.do, (2) el parámetro deviceInstanceName de iptm/ddv.do, el (3) cmd o (4) el parámetro group de iptm/eventmon, el parámetro (5) clusterName o (6) deviceName de iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, o el parámetro (7) ccmName o (8) clusterName de iptm/logicalTopo.do, también conocido como Bug ID CSCtn61716. Cisco Unified Operations Manager suffers from cross site scripting, remote SQL injection, and directory traversal vulnerabilities. Versions 8.0 and 8.5 are affected. • https://www.exploit-db.com/exploits/35765 https://www.exploit-db.com/exploits/35766 https://www.exploit-db.com/exploits/35762 https://www.exploit-db.com/exploits/35763 https://www.exploit-db.com/exploits/35764 https://www.exploit-db.com/exploits/17304 http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html http://tools.cisco.com/security/center/viewAlert.x?alertId=23085 http://www.exploit-db.com/exploits/17304 http://www.senseofsecurity.com.au/advisories/SO • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 4CVE-2011-0960 – Cisco Unified Operations Manager - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-0960
Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to execute arbitrary SQL commands via (1) the CCMs parameter to iptm/PRTestCreation.do or (2) the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716. Múltiples vulnerabilidades de inyección SQL en Cisco Unified Operations Manager (CUOM) anterior a v8.6, permite a atacantes remotos ejecuctar comandos SQL de su elección a través de (1) el parámetro CCMs de iptm/PRTestCreation.do o (2) el parámetro ccm de iptm/TelePresenceReportAction.do, también conocido cómo Bug ID CSCtn61716. Cisco Unified Operations Manager suffers from cross site scripting, remote SQL injection, and directory traversal vulnerabilities. Versions 8.0 and 8.5 are affected. • https://www.exploit-db.com/exploits/17304 http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html http://tools.cisco.com/security/center/viewAlert.x?alertId=23086 http://www.exploit-db.com/exploits/17304 http://www.securityfocus.com/bid/47898 http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/67522 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 88%CPEs: 10EXPL: 5CVE-2011-0962 – Cisco Unified Operations Manager 8.5 - Common Services Device Center Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-0962
Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine en el Common Services Device Center en Cisco Unified Operations Manager (CUOM) anterior a v8.6 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro "tag", también conocido como Bug ID CSCto12712. Cisco Unified Operations Manager suffers from cross site scripting, remote SQL injection, and directory traversal vulnerabilities. Versions 8.0 and 8.5 are affected. • https://www.exploit-db.com/exploits/35780 https://www.exploit-db.com/exploits/17304 http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html http://tools.cisco.com/security/center/viewAlert.x?alertId=23087 http://www.exploit-db.com/exploits/17304 http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/67524 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •