|
281421
|
- |
|
cisco
|
unified_intelligence_center
|
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified Intelligence Center 10.0(1) and 10.6(1) allows remote attackers to hijack the authentication of arbitrary users, …
|
CWE-352
Origin Validation Error
|
CVE-2015-4274
|
2024-11-21 11:30 |
2015-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281422
|
- |
|
cisco
|
identity_services_engine_software
|
The web interface in Cisco Identity Services Engine (ISE) 1.1(4.1), 1.3(106.146), and 1.3(120.135) does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to con…
|
CWE-20
Improper Input Validation
|
CVE-2015-4266
|
2024-11-21 11:30 |
2015-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281423
|
- |
|
cisco
|
telepresence_tc_software
|
Cisco TelePresence TC before 7.3.4 on Integrator C devices allows remote attackers to bypass authentication via vectors involving multiple request parameters, aka Bug ID CSCuv00604.
|
CWE-284
Improper Access Control
|
CVE-2015-4271
|
2024-11-21 11:30 |
2015-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281424
|
- |
|
cisco
|
identity_services_engine_software
|
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(0.793), 1.3(0.876), 1.4(0.109), 2.0(0.147), and 2.0(0.169) allows remote attackers to …
|
CWE-352
Origin Validation Error
|
CVE-2015-4267
|
2024-11-21 11:30 |
2015-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281425
|
- |
|
cisco
|
asr_5000_series_software
|
The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 15.0(912), 15.0(935), and 15.0(938) allows remote attackers to cause a denial of service (Session Manager o…
|
CWE-20
Improper Input Validation
|
CVE-2015-4273
|
2024-11-21 11:30 |
2015-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281426
|
- |
|
cisco
|
firesight_system_software
|
Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT System Software 5.3.1.5 and 6.0.0 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs C…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4270
|
2024-11-21 11:30 |
2015-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281427
|
- |
|
cisco
|
identity_services_engine_software
|
Multiple cross-site scripting (XSS) vulnerabilities in the Infra Admin UI in Cisco Identity Services Engine (ISE) 1.2(1.198) and 1.3(0.876) allow remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4268
|
2024-11-21 11:30 |
2015-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281428
|
- |
|
cisco
|
unified_communications_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the ccmivr page in Cisco Unified Communications Manager (formerly CallManager) 10.5(2.10000.5) allow remote attackers to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4272
|
2024-11-21 11:30 |
2015-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281429
|
- |
|
cisco
|
unified_communications_manager
|
The Tomcat throttling feature in Cisco Unified Communications Manager 10.5(1.99995.9) allows remote authenticated users to cause a denial of service (management outage) by sending many requests, aka …
|
CWE-399
Resource Management Errors
|
CVE-2015-4269
|
2024-11-21 11:30 |
2015-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281430
|
- |
|
cisco
|
mobility_services_engine
|
The Control and Provisioning functionality in Cisco Mobility Services Engine (MSE) 10.0(0.1) allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCut36…
|
CWE-200
Information Exposure
|
CVE-2015-4263
|
2024-11-21 11:30 |
2015-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
