Cisco Prime Security Manager vulnerabilities
5 known vulnerabilities affecting cisco/prime_security_manager.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2016-1301HIGHCVSS 8.8v9.0.0v9.0.1-40+10 more2016-02-07
CVE-2016-1301 [HIGH] CWE-284 CVE-2016-1301: The RBAC implementation in Cisco ASA-CX Content-Aware Security software before 9.3.1.1(112) and Cisc
The RBAC implementation in Cisco ASA-CX Content-Aware Security software before 9.3.1.1(112) and Cisco Prime Security Manager (PRSM) software before 9.3.1.1(112) allows remote authenticated users to change arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuo94842.
nvd
CVE-2014-3365MEDIUMCVSS 4.3≤ 9.2.1-22015-02-12
CVE-2014-3365 [MEDIUM] CWE-79 CVE-2014-3365: Multiple cross-site scripting (XSS) vulnerabilities in Cisco Prime Security Manager (PRSM) 9.2(.1-2)
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Prime Security Manager (PRSM) 9.2(.1-2) and earlier allow remote attackers to inject arbitrary web script or HTML via crafted input to the (1) Dashboard or (2) Configure Realm page, aka Bug ID CSCuo94808.
nvd
CVE-2014-3364MEDIUMCVSS 4.3≤ 9.2.1-22014-12-13
CVE-2014-3364 [MEDIUM] CWE-79 CVE-2014-3364: Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Prime Security Man
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Prime Security Manager (aka PRSM) 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via a (1) Access Policies or (2) Device Summary Dashboard parameter, aka Bug ID CSCuq80661.
nvd
CVE-2014-2118MEDIUMCVSS 4.3≤ 9.2.1-2v9.0+8 more2014-03-27
CVE-2014-2118 [MEDIUM] CWE-79 CVE-2014-2118: Multiple cross-site scripting (XSS) vulnerabilities in dashboard-related HTML documents in Cisco Pri
Multiple cross-site scripting (XSS) vulnerabilities in dashboard-related HTML documents in Cisco Prime Security Manager (aka PRSM) 9.2(.1-2) and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCun50687.
nvd
CVE-2012-4629HIGHCVSS 7.8≤ 9.02012-09-12
CVE-2012-4629 [HIGH] CWE-399 CVE-2012-4629: The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (AS
The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to cause a denial of service (disk consumption and application hang) via unspecified IPv4 packets that trigger log entries, aka Bug ID CSCub70603.
nvd