Vulnerabilities > Cisco > Videoscape Distribution Suite Service Manager

DATE CVE VULNERABILITY TITLE RISK
2016-10-05 CVE-2016-6418 Cross-site Scripting vulnerability in Cisco Videoscape Distribution Suite Service Manager
Cross-site scripting (XSS) vulnerability in Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.0 through 3.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCva14552.
network
cisco CWE-79
4.3
4.3
2015-12-12 CVE-2015-6417 Permissions, Privileges, and Access Controls vulnerability in Cisco Videoscape Distribution Suite Service Manager
Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and earlier does not always use RBAC for backend database access, which allows remote authenticated users to read or write to database entries via (1) the GUI or (2) a crafted HTTP request, aka Bug ID CSCuv87025.
network
low complexity
cisco CWE-264
6.5
6.5
2015-11-14 CVE-2015-6364 Information Exposure vulnerability in Cisco Videoscape Distribution Suite Service Manager 3.0.0/3.1.0/3.2.0
Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka Bug ID CSCuv86960.
network
low complexity
cisco CWE-200
5.0
5.0