Vulnerabilities > Cisco > Prime Central FOR Hosted Collaboration Solution

DATE CVE VULNERABILITY TITLE RISK
2013-11-06 CVE-2013-5562 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution
The ITM web server in Cisco Prime Central for Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (temporary HTTP service outage) via a flood of TCP packets, aka Bug ID CSCuh36313.
network
low complexity
cisco CWE-119
5.0
5.0
2013-11-04 CVE-2013-5564 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution
The Java process in the Impact server in Cisco Prime Central for Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (process crash) via a flood of TCP packets, aka Bug ID CSCug57345.
network
low complexity
cisco CWE-119
5.0
5.0
2013-10-10 CVE-2013-3409 Credentials Management vulnerability in Cisco Prime Central for Hosted Collaboration Solution
The portal in Cisco Prime Central for Hosted Collaboration Solution (HCS) places cleartext credentials in temporary files, which allows local users to obtain sensitive information by leveraging weak file permissions to read these files, aka Bug IDs CSCuh33735 and CSCuh34230.
local
low complexity
cisco CWE-255
4.3
4.3
2013-06-26 CVE-2013-3398 Information Exposure vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution
The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance provides different responses to requests for arbitrary pathnames depending on whether the pathname exists, which allows remote attackers to enumerate directories and files via a series of crafted requests, aka Bug ID CSCuh64574.
network
low complexity
cisco CWE-200
5.0
5.0
2013-06-14 CVE-2013-3375 Cross-Site Scripting vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution
Cross-site scripting (XSS) vulnerability in the portal page in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCue23798.
network
cisco CWE-79
4.3
4.3
2013-05-01 CVE-2013-1160 Cross-Site Scripting vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution
Cross-site scripting (XSS) vulnerability in the OpenView web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud56743.
network
cisco CWE-79
4.3
4.3
2013-05-01 CVE-2013-1159 Cross-Site Scripting vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution
Cross-site scripting (XSS) vulnerability in the Netcool Impact (NCI) web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud56706.
network
cisco CWE-79
4.3
4.3
2013-05-01 CVE-2013-1158 Cross-Site Scripting vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution
Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring (ITM) help menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud54397.
network
cisco CWE-79
4.3
4.3
2013-05-01 CVE-2013-1157 Cross-Site Scripting vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution
Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring (ITM) Java servlet container in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud51068.
network
cisco CWE-79
4.3
4.3
2013-05-01 CVE-2013-1156 Path Traversal vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution
Directory traversal vulnerability in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to read arbitrary files via a crafted URL, aka Bug ID CSCud51034.
network
low complexity
cisco CWE-22
5.0
5.0