Cisco Prime License Manager vulnerabilities

5 known vulnerabilities affecting cisco/prime_license_manager.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2021-1362HIGHCVSS 8.8≥ 10.5\(2\), < 11.5\(1\)su92021-04-08
CVE-2021-1362 [HIGH] CWE-94 CVE-2021-1362: A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Comm A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, and Cisco Prime License Manager could allow an authenticated, remote attacker to execute arbitrary code on an affected device
nvd
CVE-2021-1226MEDIUMCVSS 6.5≥ 11.5\(1\), < 11.5\(1\)su9v10.5\(2\)2021-01-13
CVE-2021-1226 [MEDIUM] CWE-532 CVE-2021-1226: A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco Unifie A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, Cisco Emergency Responder, and Cisco Prime License Manager could allow an authenticated, remote attacker to view sen
nvd
CVE-2020-3140CRITICALCVSS 9.8≤ 10.5\(2\)su9≥ 11.0, ≤ 11.5\(1\)su62020-07-16
CVE-2020-3140 [CRITICAL] CWE-255 CVE-2020-3140: A vulnerability in the web management interface of Cisco Prime License Manager (PLM) Software could A vulnerability in the web management interface of Cisco Prime License Manager (PLM) Software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of user input on the web management interface. An attacker could exploit this vulnerability by submitting a
nvd
CVE-2018-15441CRITICALCVSS 9.8≥ 11.0.1, ≤ 11.5v11.5\(1\)2018-11-28
CVE-2018-15441 [CRITICAL] CWE-89 CVE-2018-15441: A vulnerability in the web framework code of Cisco Prime License Manager (PLM) could allow an unauth A vulnerability in the web framework code of Cisco Prime License Manager (PLM) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted HTTP POST requests that contai
nvd
CVE-2017-6779HIGHCVSS 7.5≥ 10.5, < 10.5.2≥ 11.0, < 11.5\(1\)su52018-06-07
CVE-2017-6779 [HIGH] CWE-399 CVE-2017-6779: Multiple Cisco products are affected by a vulnerability in local file management for certain system Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maxi
nvd