Cisco Prime Service Catalog vulnerabilities

CVE-2022-20680 [MEDIUM] CWE-200 CVE-2022-20680: A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper enforcement of Administrator privilege levels for low-value sensitive data. An attacker with read-only Administrator access to t

CVE-2019-1874 [HIGH] CWE-352 CVE-2019-1874: A vulnerability in the web-based management interface of Cisco Prime Service Catalog Software could A vulnerability in the web-based management interface of Cisco Prime Service Catalog Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protection mechanisms on the web-based management interface on an affected device. An attac

CVE-2019-1875 [MEDIUM] CWE-20 CVE-2019-1875: A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could ex

CVE-2018-15451 [MEDIUM] CWE-79 CVE-2018-15451: A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input that is processed by the web-based management