Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Cisco Subscribe
Filtered by product Prime Security Manager
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-3365 1 Cisco 1 Prime Security Manager 2017-08-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Prime Security Manager (PRSM) 9.2(.1-2) and earlier allow remote attackers to inject arbitrary web script or HTML via crafted input to the (1) Dashboard or (2) Configure Realm page, aka Bug ID CSCuo94808.
CVE-2016-1301 1 Cisco 2 Asa Cx Context-aware Security Software, Prime Security Manager 2016-12-05 8.5 HIGH 8.8 HIGH
The RBAC implementation in Cisco ASA-CX Content-Aware Security software before 9.3.1.1(112) and Cisco Prime Security Manager (PRSM) software before 9.3.1.1(112) allows remote authenticated users to change arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuo94842.
CVE-2014-2118 1 Cisco 1 Prime Security Manager 2015-09-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in dashboard-related HTML documents in Cisco Prime Security Manager (aka PRSM) 9.2(.1-2) and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCun50687.
CVE-2014-3364 1 Cisco 1 Prime Security Manager 2014-12-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Prime Security Manager (aka PRSM) 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via a (1) Access Policies or (2) Device Summary Dashboard parameter, aka Bug ID CSCuq80661.
CVE-2012-4629 1 Cisco 3 Adaptive Security Appliance, Asa Cx Context-aware Security, Prime Security Manager 2013-04-04 7.8 HIGH N/A
The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to cause a denial of service (disk consumption and application hang) via unspecified IPv4 packets that trigger log entries, aka Bug ID CSCub70603.