Search

Find a vulnerability

Search criteria

    22 vulnerabilities found for unified_operations_manager by cisco

    CVE-2013-5488 (GCVE-0-2013-5488)

    Vulnerability from nvd – Published: 2013-09-12 01:00 – Updated: 2024-08-06 17:15
    VLAI
    Summary
    Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-09-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:15:20.253Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30749"
              },
              {
                "name": "cisco-cve20135488-dos(87026)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87026"
              },
              {
                "name": "20130911 Common Services ActiveMQ Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5488"
              },
              {
                "name": "62333",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/62333"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30749"
            },
            {
              "name": "cisco-cve20135488-dos(87026)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87026"
            },
            {
              "name": "20130911 Common Services ActiveMQ Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5488"
            },
            {
              "name": "62333",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/62333"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-5488",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30749",
                  "refsource": "CONFIRM",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30749"
                },
                {
                  "name": "cisco-cve20135488-dos(87026)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87026"
                },
                {
                  "name": "20130911 Common Services ActiveMQ Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5488"
                },
                {
                  "name": "62333",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/62333"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-5488",
        "datePublished": "2013-09-12T01:00:00.000Z",
        "dateReserved": "2013-08-22T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:15:20.253Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-3440 (GCVE-0-2013-3440)

    Vulnerability from nvd – Published: 2013-07-23 17:00 – Updated: 2024-08-06 16:07
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain improperly secured cookies, via unspecified vectors, aka Bug ID CSCud80186.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    http://tools.cisco.com/security/center/viewAlert.… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/61414 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1028819 vdb-entryx_refsource_SECTRACK
    http://osvdb.org/95584 vdb-entryx_refsource_OSVDB
    Date Public
    2013-07-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:07:37.923Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20130722 Cisco Unified Operations Manager Cross-Site Scripting Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3440"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30175"
              },
              {
                "name": "61414",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/61414"
              },
              {
                "name": "1028819",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1028819"
              },
              {
                "name": "95584",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/95584"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-07-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain improperly secured cookies, via unspecified vectors, aka Bug ID CSCud80186."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-17T21:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20130722 Cisco Unified Operations Manager Cross-Site Scripting Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3440"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30175"
            },
            {
              "name": "61414",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/61414"
            },
            {
              "name": "1028819",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1028819"
            },
            {
              "name": "95584",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/95584"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-3440",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain improperly secured cookies, via unspecified vectors, aka Bug ID CSCud80186."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20130722 Cisco Unified Operations Manager Cross-Site Scripting Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3440"
                },
                {
                  "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30175",
                  "refsource": "CONFIRM",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30175"
                },
                {
                  "name": "61414",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/61414"
                },
                {
                  "name": "1028819",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1028819"
                },
                {
                  "name": "95584",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/95584"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-3440",
        "datePublished": "2013-07-23T17:00:00.000Z",
        "dateReserved": "2013-05-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:07:37.923Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-3439 (GCVE-0-2013-3439)

    Vulnerability from nvd – Published: 2013-07-23 17:00 – Updated: 2024-08-06 16:07
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in Cisco Unified Operations Manager allows remote attackers to inject arbitrary web script or HTML via a crafted URL in an unspecified HTTP header field, aka Bug ID CSCud80182.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    http://www.securityfocus.com/bid/61416 vdb-entryx_refsource_BID
    http://osvdb.org/95585 vdb-entryx_refsource_OSVDB
    http://tools.cisco.com/security/center/viewAlert.… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1028825 vdb-entryx_refsource_SECTRACK
    Date Public
    2013-07-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:07:37.952Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20130722 Cisco Unified Operations Manager HTTP Header Injection Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3439"
              },
              {
                "name": "61416",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/61416"
              },
              {
                "name": "95585",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/95585"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30174"
              },
              {
                "name": "1028825",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1028825"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-07-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in Cisco Unified Operations Manager allows remote attackers to inject arbitrary web script or HTML via a crafted URL in an unspecified HTTP header field, aka Bug ID CSCud80182."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-17T21:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20130722 Cisco Unified Operations Manager HTTP Header Injection Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3439"
            },
            {
              "name": "61416",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/61416"
            },
            {
              "name": "95585",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/95585"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30174"
            },
            {
              "name": "1028825",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1028825"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-3439",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in Cisco Unified Operations Manager allows remote attackers to inject arbitrary web script or HTML via a crafted URL in an unspecified HTTP header field, aka Bug ID CSCud80182."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20130722 Cisco Unified Operations Manager HTTP Header Injection Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3439"
                },
                {
                  "name": "61416",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/61416"
                },
                {
                  "name": "95585",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/95585"
                },
                {
                  "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30174",
                  "refsource": "CONFIRM",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30174"
                },
                {
                  "name": "1028825",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1028825"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-3439",
        "datePublished": "2013-07-23T17:00:00.000Z",
        "dateReserved": "2013-05-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:07:37.952Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-3437 (GCVE-0-2013-3437)

    Vulnerability from nvd – Published: 2013-07-22 14:00 – Updated: 2024-08-06 16:07
    VLAI
    Summary
    SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/95472 vdb-entryx_refsource_OSVDB
    http://tools.cisco.com/security/center/viewAlert.… x_refsource_CONFIRM
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    Date Public
    2013-07-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:07:37.908Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "95472",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/95472"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30153"
              },
              {
                "name": "20130719 Cisco Unified Operations Manager SQL Injection Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3437"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-07-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-01-22T14:57:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "95472",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/95472"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30153"
            },
            {
              "name": "20130719 Cisco Unified Operations Manager SQL Injection Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3437"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-3437",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "95472",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/95472"
                },
                {
                  "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30153",
                  "refsource": "CONFIRM",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30153"
                },
                {
                  "name": "20130719 Cisco Unified Operations Manager SQL Injection Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3437"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-3437",
        "datePublished": "2013-07-22T14:00:00.000Z",
        "dateReserved": "2013-05-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:07:37.908Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-3416 (GCVE-0-2013-3416)

    Vulnerability from nvd – Published: 2013-07-10 21:00 – Updated: 2024-08-06 16:07
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1028765 vdb-entryx_refsource_SECTRACK
    http://www.securitytracker.com/id/1028766 vdb-entryx_refsource_SECTRACK
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    Date Public
    2013-07-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:07:37.929Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1028765",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1028765"
              },
              {
                "name": "1028766",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1028766"
              },
              {
                "name": "20130709 Cisco Unified Communications Management Products Cross-Site Scripting Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3416"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-07-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-08-20T09:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "1028765",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1028765"
            },
            {
              "name": "1028766",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1028766"
            },
            {
              "name": "20130709 Cisco Unified Communications Management Products Cross-Site Scripting Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3416"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-3416",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1028765",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1028765"
                },
                {
                  "name": "1028766",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1028766"
                },
                {
                  "name": "20130709 Cisco Unified Communications Management Products Cross-Site Scripting Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3416"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-3416",
        "datePublished": "2013-07-10T21:00:00.000Z",
        "dateReserved": "2013-05-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:07:37.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2738 (GCVE-0-2011-2738)

    Vulnerability from nvd – Published: 2011-09-17 10:00 – Updated: 2024-08-06 23:08
    VLAI
    Summary
    Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/46052 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1026048 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/46053 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/45979 third-party-advisoryx_refsource_SECUNIA
    http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
    http://www.osvdb.org/75442 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/46016 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/49627 vdb-entryx_refsource_BID
    http://www.securityfocus.com/bid/49644 vdb-entryx_refsource_BID
    http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
    http://www.securitytracker.com/id?1026059 vdb-entryx_refsource_SECTRACK
    http://www.securitytracker.com/id?1026047 vdb-entryx_refsource_SECTRACK
    http://www.securitytracker.com/id?1026046 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/archive/1/519646/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2011-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:08:23.911Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "46052",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/46052"
              },
              {
                "name": "1026048",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1026048"
              },
              {
                "name": "46053",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/46053"
              },
              {
                "name": "45979",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/45979"
              },
              {
                "name": "20110914 CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
              },
              {
                "name": "75442",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/75442"
              },
              {
                "name": "cisco-unspecified-code-execution(69828)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
              },
              {
                "name": "46016",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/46016"
              },
              {
                "name": "49627",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/49627"
              },
              {
                "name": "49644",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/49644"
              },
              {
                "name": "20110914 Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
              },
              {
                "name": "1026059",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1026059"
              },
              {
                "name": "1026047",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1026047"
              },
              {
                "name": "1026046",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1026046"
              },
              {
                "name": "20110914 ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-09T18:57:01.000Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "name": "46052",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/46052"
            },
            {
              "name": "1026048",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1026048"
            },
            {
              "name": "46053",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/46053"
            },
            {
              "name": "45979",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/45979"
            },
            {
              "name": "20110914 CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
            },
            {
              "name": "75442",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/75442"
            },
            {
              "name": "cisco-unspecified-code-execution(69828)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
            },
            {
              "name": "46016",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/46016"
            },
            {
              "name": "49627",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/49627"
            },
            {
              "name": "49644",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/49644"
            },
            {
              "name": "20110914 Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
            },
            {
              "name": "1026059",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1026059"
            },
            {
              "name": "1026047",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1026047"
            },
            {
              "name": "1026046",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1026046"
            },
            {
              "name": "20110914 ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security_alert@emc.com",
              "ID": "CVE-2011-2738",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "46052",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/46052"
                },
                {
                  "name": "1026048",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1026048"
                },
                {
                  "name": "46053",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/46053"
                },
                {
                  "name": "45979",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/45979"
                },
                {
                  "name": "20110914 CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
                },
                {
                  "name": "75442",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/75442"
                },
                {
                  "name": "cisco-unspecified-code-execution(69828)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
                },
                {
                  "name": "46016",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/46016"
                },
                {
                  "name": "49627",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/49627"
                },
                {
                  "name": "49644",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/49644"
                },
                {
                  "name": "20110914 Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
                },
                {
                  "name": "1026059",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1026059"
                },
                {
                  "name": "1026047",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1026047"
                },
                {
                  "name": "1026046",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1026046"
                },
                {
                  "name": "20110914 ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2011-2738",
        "datePublished": "2011-09-17T10:00:00.000Z",
        "dateReserved": "2011-07-13T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:08:23.911Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0962 (GCVE-0-2011-0962)

    Vulnerability from nvd – Published: 2011-05-20 22:00 – Updated: 2024-08-06 22:14
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2011-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:14:26.588Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
              },
              {
                "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
              },
              {
                "name": "17304",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/17304"
              },
              {
                "name": "cisco-uom-common-services-xss(67524)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67524"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
            },
            {
              "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
            },
            {
              "name": "17304",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/17304"
            },
            {
              "name": "cisco-uom-common-services-xss(67524)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67524"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2011-0962",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087",
                  "refsource": "CONFIRM",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087"
                },
                {
                  "name": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf",
                  "refsource": "MISC",
                  "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
                },
                {
                  "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
                },
                {
                  "name": "17304",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/17304"
                },
                {
                  "name": "cisco-uom-common-services-xss(67524)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67524"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2011-0962",
        "datePublished": "2011-05-20T22:00:00.000Z",
        "dateReserved": "2011-02-10T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:14:26.588Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0960 (GCVE-0-2011-0960)

    Vulnerability from nvd – Published: 2011-05-20 22:00 – Updated: 2024-08-06 22:14
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to execute arbitrary SQL commands via (1) the CCMs parameter to iptm/PRTestCreation.do or (2) the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2011-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:14:26.483Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "47898",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/47898"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23086"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
              },
              {
                "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
              },
              {
                "name": "17304",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/17304"
              },
              {
                "name": "cuom-prtestcreation-sql-injection(67522)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67522"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to execute arbitrary SQL commands via (1) the CCMs parameter to iptm/PRTestCreation.do or (2) the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "47898",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/47898"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23086"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
            },
            {
              "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
            },
            {
              "name": "17304",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/17304"
            },
            {
              "name": "cuom-prtestcreation-sql-injection(67522)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67522"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2011-0960",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to execute arbitrary SQL commands via (1) the CCMs parameter to iptm/PRTestCreation.do or (2) the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "47898",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/47898"
                },
                {
                  "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23086",
                  "refsource": "CONFIRM",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23086"
                },
                {
                  "name": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf",
                  "refsource": "MISC",
                  "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
                },
                {
                  "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
                },
                {
                  "name": "17304",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/17304"
                },
                {
                  "name": "cuom-prtestcreation-sql-injection(67522)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67522"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2011-0960",
        "datePublished": "2011-05-20T22:00:00.000Z",
        "dateReserved": "2011-02-10T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:14:26.483Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0959 (GCVE-0-2011-0959)

    Vulnerability from nvd – Published: 2011-05-20 22:00 – Updated: 2024-08-06 22:14
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2011-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:14:26.542Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
              },
              {
                "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
              },
              {
                "name": "17304",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/17304"
              },
              {
                "name": "cisco-uom-multiple-xss(67521)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
            },
            {
              "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
            },
            {
              "name": "17304",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/17304"
            },
            {
              "name": "cisco-uom-multiple-xss(67521)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2011-0959",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085",
                  "refsource": "CONFIRM",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
                },
                {
                  "name": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf",
                  "refsource": "MISC",
                  "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
                },
                {
                  "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
                },
                {
                  "name": "17304",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/17304"
                },
                {
                  "name": "cisco-uom-multiple-xss(67521)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2011-0959",
        "datePublished": "2011-05-20T22:00:00.000Z",
        "dateReserved": "2011-02-10T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:14:26.542Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-3036 (GCVE-0-2010-3036)

    Vulnerability from nvd – Published: 2010-10-29 18:00 – Updated: 2024-08-07 02:55
    VLAI
    Summary
    Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/68927 vdb-entryx_refsource_OSVDB
    http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
    http://securitytracker.com/id?1024646 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/44468 vdb-entryx_refsource_BID
    http://secunia.com/advisories/42011 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2010/2793 vdb-entryx_refsource_VUPEN
    Date Public
    2010-10-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T02:55:46.619Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "68927",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68927"
              },
              {
                "name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
              },
              {
                "name": "1024646",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1024646"
              },
              {
                "name": "44468",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/44468"
              },
              {
                "name": "42011",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42011"
              },
              {
                "name": "ADV-2010-2793",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2793"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-10-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2010-11-06T09:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "68927",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68927"
            },
            {
              "name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
            },
            {
              "name": "1024646",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1024646"
            },
            {
              "name": "44468",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/44468"
            },
            {
              "name": "42011",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42011"
            },
            {
              "name": "ADV-2010-2793",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2793"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2010-3036",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "68927",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68927"
                },
                {
                  "name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
                },
                {
                  "name": "1024646",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1024646"
                },
                {
                  "name": "44468",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/44468"
                },
                {
                  "name": "42011",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/42011"
                },
                {
                  "name": "ADV-2010-2793",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2793"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2010-3036",
        "datePublished": "2010-10-29T18:00:00.000Z",
        "dateReserved": "2010-08-17T00:00:00.000Z",
        "dateUpdated": "2024-08-07T02:55:46.619Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-1161 (GCVE-0-2009-1161)

    Vulnerability from nvd – Published: 2009-05-21 14:00 – Updated: 2024-08-07 05:04
    VLAI
    Summary
    Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-0… third-party-advisoryx_refsource_JVNDB
    http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
    http://www.securityfocus.com/bid/35040 vdb-entryx_refsource_BID
    http://jvn.jp/en/jp/JVN62527913/index.html third-party-advisoryx_refsource_JVN
    http://osvdb.org/54616 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1022263 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2009/1390 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/35179 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-05-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:04:48.874Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVNDB-2009-000032",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVNDB",
                  "x_transferred"
                ],
                "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
              },
              {
                "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
              },
              {
                "name": "35040",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/35040"
              },
              {
                "name": "JVN#62527913",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
              },
              {
                "name": "54616",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/54616"
              },
              {
                "name": "1022263",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1022263"
              },
              {
                "name": "ADV-2009-1390",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/1390"
              },
              {
                "name": "35179",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35179"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-06-04T09:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "JVNDB-2009-000032",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVNDB"
              ],
              "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
            },
            {
              "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
            },
            {
              "name": "35040",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/35040"
            },
            {
              "name": "JVN#62527913",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
            },
            {
              "name": "54616",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/54616"
            },
            {
              "name": "1022263",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1022263"
            },
            {
              "name": "ADV-2009-1390",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/1390"
            },
            {
              "name": "35179",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35179"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2009-1161",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVNDB-2009-000032",
                  "refsource": "JVNDB",
                  "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
                },
                {
                  "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
                },
                {
                  "name": "35040",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/35040"
                },
                {
                  "name": "JVN#62527913",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
                },
                {
                  "name": "54616",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/54616"
                },
                {
                  "name": "1022263",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1022263"
                },
                {
                  "name": "ADV-2009-1390",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/1390"
                },
                {
                  "name": "35179",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35179"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2009-1161",
        "datePublished": "2009-05-21T14:00:00.000Z",
        "dateReserved": "2009-03-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:04:48.874Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-5488 (GCVE-0-2013-5488)

    Vulnerability from cvelistv5 – Published: 2013-09-12 01:00 – Updated: 2024-08-06 17:15
    VLAI
    Summary
    Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2013-09-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T17:15:20.253Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30749"
              },
              {
                "name": "cisco-cve20135488-dos(87026)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87026"
              },
              {
                "name": "20130911 Common Services ActiveMQ Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5488"
              },
              {
                "name": "62333",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/62333"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30749"
            },
            {
              "name": "cisco-cve20135488-dos(87026)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87026"
            },
            {
              "name": "20130911 Common Services ActiveMQ Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5488"
            },
            {
              "name": "62333",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/62333"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-5488",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30749",
                  "refsource": "CONFIRM",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30749"
                },
                {
                  "name": "cisco-cve20135488-dos(87026)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87026"
                },
                {
                  "name": "20130911 Common Services ActiveMQ Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5488"
                },
                {
                  "name": "62333",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/62333"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-5488",
        "datePublished": "2013-09-12T01:00:00.000Z",
        "dateReserved": "2013-08-22T00:00:00.000Z",
        "dateUpdated": "2024-08-06T17:15:20.253Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-3440 (GCVE-0-2013-3440)

    Vulnerability from cvelistv5 – Published: 2013-07-23 17:00 – Updated: 2024-08-06 16:07
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain improperly secured cookies, via unspecified vectors, aka Bug ID CSCud80186.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    http://tools.cisco.com/security/center/viewAlert.… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/61414 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1028819 vdb-entryx_refsource_SECTRACK
    http://osvdb.org/95584 vdb-entryx_refsource_OSVDB
    Date Public
    2013-07-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:07:37.923Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20130722 Cisco Unified Operations Manager Cross-Site Scripting Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3440"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30175"
              },
              {
                "name": "61414",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/61414"
              },
              {
                "name": "1028819",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1028819"
              },
              {
                "name": "95584",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/95584"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-07-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain improperly secured cookies, via unspecified vectors, aka Bug ID CSCud80186."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-17T21:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20130722 Cisco Unified Operations Manager Cross-Site Scripting Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3440"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30175"
            },
            {
              "name": "61414",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/61414"
            },
            {
              "name": "1028819",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1028819"
            },
            {
              "name": "95584",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/95584"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-3440",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain improperly secured cookies, via unspecified vectors, aka Bug ID CSCud80186."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20130722 Cisco Unified Operations Manager Cross-Site Scripting Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3440"
                },
                {
                  "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30175",
                  "refsource": "CONFIRM",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30175"
                },
                {
                  "name": "61414",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/61414"
                },
                {
                  "name": "1028819",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1028819"
                },
                {
                  "name": "95584",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/95584"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-3440",
        "datePublished": "2013-07-23T17:00:00.000Z",
        "dateReserved": "2013-05-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:07:37.923Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-3439 (GCVE-0-2013-3439)

    Vulnerability from cvelistv5 – Published: 2013-07-23 17:00 – Updated: 2024-08-06 16:07
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in Cisco Unified Operations Manager allows remote attackers to inject arbitrary web script or HTML via a crafted URL in an unspecified HTTP header field, aka Bug ID CSCud80182.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    http://www.securityfocus.com/bid/61416 vdb-entryx_refsource_BID
    http://osvdb.org/95585 vdb-entryx_refsource_OSVDB
    http://tools.cisco.com/security/center/viewAlert.… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1028825 vdb-entryx_refsource_SECTRACK
    Date Public
    2013-07-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:07:37.952Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20130722 Cisco Unified Operations Manager HTTP Header Injection Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3439"
              },
              {
                "name": "61416",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/61416"
              },
              {
                "name": "95585",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/95585"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30174"
              },
              {
                "name": "1028825",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1028825"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-07-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in Cisco Unified Operations Manager allows remote attackers to inject arbitrary web script or HTML via a crafted URL in an unspecified HTTP header field, aka Bug ID CSCud80182."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-17T21:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20130722 Cisco Unified Operations Manager HTTP Header Injection Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3439"
            },
            {
              "name": "61416",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/61416"
            },
            {
              "name": "95585",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/95585"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30174"
            },
            {
              "name": "1028825",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1028825"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-3439",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in Cisco Unified Operations Manager allows remote attackers to inject arbitrary web script or HTML via a crafted URL in an unspecified HTTP header field, aka Bug ID CSCud80182."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20130722 Cisco Unified Operations Manager HTTP Header Injection Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3439"
                },
                {
                  "name": "61416",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/61416"
                },
                {
                  "name": "95585",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/95585"
                },
                {
                  "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30174",
                  "refsource": "CONFIRM",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30174"
                },
                {
                  "name": "1028825",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1028825"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-3439",
        "datePublished": "2013-07-23T17:00:00.000Z",
        "dateReserved": "2013-05-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:07:37.952Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-3437 (GCVE-0-2013-3437)

    Vulnerability from cvelistv5 – Published: 2013-07-22 14:00 – Updated: 2024-08-06 16:07
    VLAI
    Summary
    SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/95472 vdb-entryx_refsource_OSVDB
    http://tools.cisco.com/security/center/viewAlert.… x_refsource_CONFIRM
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    Date Public
    2013-07-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:07:37.908Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "95472",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/95472"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30153"
              },
              {
                "name": "20130719 Cisco Unified Operations Manager SQL Injection Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3437"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-07-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-01-22T14:57:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "95472",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/95472"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30153"
            },
            {
              "name": "20130719 Cisco Unified Operations Manager SQL Injection Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3437"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-3437",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "95472",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/95472"
                },
                {
                  "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30153",
                  "refsource": "CONFIRM",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30153"
                },
                {
                  "name": "20130719 Cisco Unified Operations Manager SQL Injection Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3437"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-3437",
        "datePublished": "2013-07-22T14:00:00.000Z",
        "dateReserved": "2013-05-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:07:37.908Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-3416 (GCVE-0-2013-3416)

    Vulnerability from cvelistv5 – Published: 2013-07-10 21:00 – Updated: 2024-08-06 16:07
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1028765 vdb-entryx_refsource_SECTRACK
    http://www.securitytracker.com/id/1028766 vdb-entryx_refsource_SECTRACK
    http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
    Date Public
    2013-07-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:07:37.929Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1028765",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1028765"
              },
              {
                "name": "1028766",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1028766"
              },
              {
                "name": "20130709 Cisco Unified Communications Management Products Cross-Site Scripting Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3416"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-07-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-08-20T09:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "1028765",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1028765"
            },
            {
              "name": "1028766",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1028766"
            },
            {
              "name": "20130709 Cisco Unified Communications Management Products Cross-Site Scripting Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3416"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2013-3416",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1028765",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1028765"
                },
                {
                  "name": "1028766",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1028766"
                },
                {
                  "name": "20130709 Cisco Unified Communications Management Products Cross-Site Scripting Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3416"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2013-3416",
        "datePublished": "2013-07-10T21:00:00.000Z",
        "dateReserved": "2013-05-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:07:37.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2738 (GCVE-0-2011-2738)

    Vulnerability from cvelistv5 – Published: 2011-09-17 10:00 – Updated: 2024-08-06 23:08
    VLAI
    Summary
    Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/46052 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1026048 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/46053 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/45979 third-party-advisoryx_refsource_SECUNIA
    http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
    http://www.osvdb.org/75442 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/46016 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/49627 vdb-entryx_refsource_BID
    http://www.securityfocus.com/bid/49644 vdb-entryx_refsource_BID
    http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
    http://www.securitytracker.com/id?1026059 vdb-entryx_refsource_SECTRACK
    http://www.securitytracker.com/id?1026047 vdb-entryx_refsource_SECTRACK
    http://www.securitytracker.com/id?1026046 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/archive/1/519646/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2011-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:08:23.911Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "46052",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/46052"
              },
              {
                "name": "1026048",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1026048"
              },
              {
                "name": "46053",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/46053"
              },
              {
                "name": "45979",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/45979"
              },
              {
                "name": "20110914 CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
              },
              {
                "name": "75442",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/75442"
              },
              {
                "name": "cisco-unspecified-code-execution(69828)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
              },
              {
                "name": "46016",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/46016"
              },
              {
                "name": "49627",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/49627"
              },
              {
                "name": "49644",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/49644"
              },
              {
                "name": "20110914 Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
              },
              {
                "name": "1026059",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1026059"
              },
              {
                "name": "1026047",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1026047"
              },
              {
                "name": "1026046",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1026046"
              },
              {
                "name": "20110914 ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-09T18:57:01.000Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "name": "46052",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/46052"
            },
            {
              "name": "1026048",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1026048"
            },
            {
              "name": "46053",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/46053"
            },
            {
              "name": "45979",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/45979"
            },
            {
              "name": "20110914 CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
            },
            {
              "name": "75442",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/75442"
            },
            {
              "name": "cisco-unspecified-code-execution(69828)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
            },
            {
              "name": "46016",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/46016"
            },
            {
              "name": "49627",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/49627"
            },
            {
              "name": "49644",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/49644"
            },
            {
              "name": "20110914 Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
            },
            {
              "name": "1026059",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1026059"
            },
            {
              "name": "1026047",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1026047"
            },
            {
              "name": "1026046",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1026046"
            },
            {
              "name": "20110914 ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security_alert@emc.com",
              "ID": "CVE-2011-2738",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "46052",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/46052"
                },
                {
                  "name": "1026048",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1026048"
                },
                {
                  "name": "46053",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/46053"
                },
                {
                  "name": "45979",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/45979"
                },
                {
                  "name": "20110914 CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
                },
                {
                  "name": "75442",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/75442"
                },
                {
                  "name": "cisco-unspecified-code-execution(69828)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
                },
                {
                  "name": "46016",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/46016"
                },
                {
                  "name": "49627",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/49627"
                },
                {
                  "name": "49644",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/49644"
                },
                {
                  "name": "20110914 Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
                },
                {
                  "name": "1026059",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1026059"
                },
                {
                  "name": "1026047",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1026047"
                },
                {
                  "name": "1026046",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1026046"
                },
                {
                  "name": "20110914 ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2011-2738",
        "datePublished": "2011-09-17T10:00:00.000Z",
        "dateReserved": "2011-07-13T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:08:23.911Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0962 (GCVE-0-2011-0962)

    Vulnerability from cvelistv5 – Published: 2011-05-20 22:00 – Updated: 2024-08-06 22:14
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2011-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:14:26.588Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
              },
              {
                "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
              },
              {
                "name": "17304",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/17304"
              },
              {
                "name": "cisco-uom-common-services-xss(67524)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67524"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
            },
            {
              "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
            },
            {
              "name": "17304",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/17304"
            },
            {
              "name": "cisco-uom-common-services-xss(67524)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67524"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2011-0962",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087",
                  "refsource": "CONFIRM",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087"
                },
                {
                  "name": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf",
                  "refsource": "MISC",
                  "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
                },
                {
                  "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
                },
                {
                  "name": "17304",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/17304"
                },
                {
                  "name": "cisco-uom-common-services-xss(67524)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67524"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2011-0962",
        "datePublished": "2011-05-20T22:00:00.000Z",
        "dateReserved": "2011-02-10T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:14:26.588Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0959 (GCVE-0-2011-0959)

    Vulnerability from cvelistv5 – Published: 2011-05-20 22:00 – Updated: 2024-08-06 22:14
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2011-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:14:26.542Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
              },
              {
                "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
              },
              {
                "name": "17304",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/17304"
              },
              {
                "name": "cisco-uom-multiple-xss(67521)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
            },
            {
              "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
            },
            {
              "name": "17304",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/17304"
            },
            {
              "name": "cisco-uom-multiple-xss(67521)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2011-0959",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085",
                  "refsource": "CONFIRM",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
                },
                {
                  "name": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf",
                  "refsource": "MISC",
                  "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
                },
                {
                  "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
                },
                {
                  "name": "17304",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/17304"
                },
                {
                  "name": "cisco-uom-multiple-xss(67521)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2011-0959",
        "datePublished": "2011-05-20T22:00:00.000Z",
        "dateReserved": "2011-02-10T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:14:26.542Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0960 (GCVE-0-2011-0960)

    Vulnerability from cvelistv5 – Published: 2011-05-20 22:00 – Updated: 2024-08-06 22:14
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to execute arbitrary SQL commands via (1) the CCMs parameter to iptm/PRTestCreation.do or (2) the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2011-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:14:26.483Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "47898",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/47898"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23086"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
              },
              {
                "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
              },
              {
                "name": "17304",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "http://www.exploit-db.com/exploits/17304"
              },
              {
                "name": "cuom-prtestcreation-sql-injection(67522)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67522"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to execute arbitrary SQL commands via (1) the CCMs parameter to iptm/PRTestCreation.do or (2) the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "47898",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/47898"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23086"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
            },
            {
              "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
            },
            {
              "name": "17304",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "http://www.exploit-db.com/exploits/17304"
            },
            {
              "name": "cuom-prtestcreation-sql-injection(67522)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67522"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2011-0960",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to execute arbitrary SQL commands via (1) the CCMs parameter to iptm/PRTestCreation.do or (2) the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "47898",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/47898"
                },
                {
                  "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23086",
                  "refsource": "CONFIRM",
                  "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23086"
                },
                {
                  "name": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf",
                  "refsource": "MISC",
                  "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
                },
                {
                  "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
                },
                {
                  "name": "17304",
                  "refsource": "EXPLOIT-DB",
                  "url": "http://www.exploit-db.com/exploits/17304"
                },
                {
                  "name": "cuom-prtestcreation-sql-injection(67522)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67522"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2011-0960",
        "datePublished": "2011-05-20T22:00:00.000Z",
        "dateReserved": "2011-02-10T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:14:26.483Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-3036 (GCVE-0-2010-3036)

    Vulnerability from cvelistv5 – Published: 2010-10-29 18:00 – Updated: 2024-08-07 02:55
    VLAI
    Summary
    Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/68927 vdb-entryx_refsource_OSVDB
    http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
    http://securitytracker.com/id?1024646 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/44468 vdb-entryx_refsource_BID
    http://secunia.com/advisories/42011 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2010/2793 vdb-entryx_refsource_VUPEN
    Date Public
    2010-10-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T02:55:46.619Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "68927",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68927"
              },
              {
                "name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
              },
              {
                "name": "1024646",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1024646"
              },
              {
                "name": "44468",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/44468"
              },
              {
                "name": "42011",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42011"
              },
              {
                "name": "ADV-2010-2793",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2793"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-10-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2010-11-06T09:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "68927",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68927"
            },
            {
              "name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
            },
            {
              "name": "1024646",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1024646"
            },
            {
              "name": "44468",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/44468"
            },
            {
              "name": "42011",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42011"
            },
            {
              "name": "ADV-2010-2793",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2793"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2010-3036",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "68927",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68927"
                },
                {
                  "name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
                },
                {
                  "name": "1024646",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1024646"
                },
                {
                  "name": "44468",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/44468"
                },
                {
                  "name": "42011",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/42011"
                },
                {
                  "name": "ADV-2010-2793",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2793"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2010-3036",
        "datePublished": "2010-10-29T18:00:00.000Z",
        "dateReserved": "2010-08-17T00:00:00.000Z",
        "dateUpdated": "2024-08-07T02:55:46.619Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-1161 (GCVE-0-2009-1161)

    Vulnerability from cvelistv5 – Published: 2009-05-21 14:00 – Updated: 2024-08-07 05:04
    VLAI
    Summary
    Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-0… third-party-advisoryx_refsource_JVNDB
    http://www.cisco.com/en/US/products/products_secu… vendor-advisoryx_refsource_CISCO
    http://www.securityfocus.com/bid/35040 vdb-entryx_refsource_BID
    http://jvn.jp/en/jp/JVN62527913/index.html third-party-advisoryx_refsource_JVN
    http://osvdb.org/54616 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1022263 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2009/1390 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/35179 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-05-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:04:48.874Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVNDB-2009-000032",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVNDB",
                  "x_transferred"
                ],
                "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
              },
              {
                "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
              },
              {
                "name": "35040",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/35040"
              },
              {
                "name": "JVN#62527913",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
              },
              {
                "name": "54616",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/54616"
              },
              {
                "name": "1022263",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1022263"
              },
              {
                "name": "ADV-2009-1390",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/1390"
              },
              {
                "name": "35179",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35179"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-05-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-06-04T09:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "JVNDB-2009-000032",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVNDB"
              ],
              "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
            },
            {
              "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
            },
            {
              "name": "35040",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/35040"
            },
            {
              "name": "JVN#62527913",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
            },
            {
              "name": "54616",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/54616"
            },
            {
              "name": "1022263",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1022263"
            },
            {
              "name": "ADV-2009-1390",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/1390"
            },
            {
              "name": "35179",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35179"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "ID": "CVE-2009-1161",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVNDB-2009-000032",
                  "refsource": "JVNDB",
                  "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
                },
                {
                  "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
                },
                {
                  "name": "35040",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/35040"
                },
                {
                  "name": "JVN#62527913",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
                },
                {
                  "name": "54616",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/54616"
                },
                {
                  "name": "1022263",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1022263"
                },
                {
                  "name": "ADV-2009-1390",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/1390"
                },
                {
                  "name": "35179",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35179"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2009-1161",
        "datePublished": "2009-05-21T14:00:00.000Z",
        "dateReserved": "2009-03-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:04:48.874Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }