Vulnerabilities > Cisco > Prime Network Registrar > 7.1.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-10 | CVE-2023-44487 | Resource Exhaustion vulnerability in multiple products The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | 7.5 |
2020-03-04 | CVE-2020-3148 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Network Registrar A vulnerability in the web-based interface of Cisco Prime Network Registrar (CPNR) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 4.3 |
2019-04-18 | CVE-2019-1840 | Improper Initialization vulnerability in Cisco Prime Network Registrar A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service (DoS) condition on the affected system. | 7.8 |
2013-11-27 | CVE-2013-3394 | Cross-Site Scripting vulnerability in Cisco Prime Network Registrar Cross-site scripting (XSS) vulnerability in the web interface in Cisco Prime Network Registrar 8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted field, aka Bug ID CSCuh41429. | 4.3 |