Cisco Unified Operations Manager vulnerabilities
6 known vulnerabilities affecting cisco/unified_operations_manager.
Total CVEs
6
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2011-2738CRITICALCVSS 10.0≤ 8.5v1.0+9 more2011-09-19
CVE-2011-2738 [CRITICAL] CVE-2011-2738: Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2
nvd
CVE-2011-0960HIGHCVSS 7.5PoC≤ 8.5v1.1+8 more2011-05-20
CVE-2011-0960 [HIGH] CWE-89 CVE-2011-0960: Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow r
Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to execute arbitrary SQL commands via (1) the CCMs parameter to iptm/PRTestCreation.do or (2) the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716.
nvd
CVE-2011-0959MEDIUMCVSS 4.3PoC≤ 8.5v1.1+8 more2011-05-20
CVE-2011-0959 [MEDIUM] CWE-79 CVE-2011-0959: Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) befor
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) d
nvd
CVE-2011-0962MEDIUMCVSS 4.3PoC≤ 8.5v1.1+8 more2011-05-20
CVE-2011-0962 [MEDIUM] CWE-79 CVE-2011-0962: Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the
Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712.
nvd
CVE-2010-3036CRITICALCVSS 10.0v2.0.1v2.0.2+1 more2010-10-29
CVE-2010-3036 [CRITICAL] CWE-119 CVE-2010-3036: Multiple buffer overflows in the authentication functionality in the web-server module in Cisco Cisc
Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.
nvd
CVE-2009-1161CRITICALCVSS 10.0v1.0v1.1+2 more2009-05-21
CVE-2009-1161 [CRITICAL] CWE-22 CVE-2009-1161: Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrar
nvd