cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-20294,https://securityvulnerability.io/vulnerability/CVE-2024-20294,Cisco FXOS Software Vulnerability Could Lead to Denial of Service,"A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific fields in an LLDP frame. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface of an affected device and having an authenticated user retrieve LLDP statistics from the affected device through CLI show commands or Simple Network Management Protocol (SNMP) requests. A successful exploit could allow the attacker to cause the LLDP service to crash and stop running on the affected device. In certain situations, the LLDP crash may result in a reload of the affected device. Note: LLDP is a Layer 2 link protocol. To exploit this vulnerability, an attacker would need to be directly connected to an interface of an affected device, either physically or logically (for example, through a Layer 2 Tunnel configured to transport the LLDP protocol).",Cisco,"Cisco Nx-os Software,Cisco Unified Computing System (managed),Cisco Firepower Extensible Operating System (fxos),Cisco Nx-os System Software In Aci Mode",6.6,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-29T01:43:00.000Z,0
CVE-2023-20200,https://securityvulnerability.io/vulnerability/CVE-2023-20200,Denial of Service Vulnerability in Cisco FXOS and UCS 6300 Series,"A vulnerability exists in the Simple Network Management Protocol (SNMP) service of certain Cisco devices, allowing an authenticated, remote attacker to induce a denial of service condition. This flaw arises from the improper handling of crafted SNMP requests, potentially leading to device reloads. Exploiting this vulnerability requires knowledge of the SNMP community string on SNMPv2c or earlier, or valid SNMP user credentials on SNMPv3.",Cisco,"Cisco Unified Computing System (Managed),Cisco Firepower Extensible Operating System (FXOS)",6.3,MEDIUM,0.0009399999980814755,false,,false,false,false,,,false,false,,2023-08-23T19:15:00.000Z,0
CVE-2013-5488,https://securityvulnerability.io/vulnerability/CVE-2013-5488,,"Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969.",Cisco,"Unified Service Monitor,Unified Operations Manager,Security Manager,Prime Lan Management Solution",,,0.00675999978557229,false,,false,false,false,,,false,false,,2013-09-12T01:00:00.000Z,0
CVE-2013-3439,https://securityvulnerability.io/vulnerability/CVE-2013-3439,,"Cross-site scripting (XSS) vulnerability in Cisco Unified Operations Manager allows remote attackers to inject arbitrary web script or HTML via a crafted URL in an unspecified HTTP header field, aka Bug ID CSCud80182.",Cisco,Unified Operations Manager,,,0.002529999939724803,false,,false,false,false,,,false,false,,2013-07-23T17:00:00.000Z,0
CVE-2013-3440,https://securityvulnerability.io/vulnerability/CVE-2013-3440,,"Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain improperly secured cookies, via unspecified vectors, aka Bug ID CSCud80186.",Cisco,Unified Operations Manager,,,0.002529999939724803,false,,false,false,false,,,false,false,,2013-07-23T17:00:00.000Z,0
CVE-2013-3437,https://securityvulnerability.io/vulnerability/CVE-2013-3437,,"SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179.",Cisco,Unified Operations Manager,,,0.0013699999544769526,false,,false,false,false,,,false,false,,2013-07-23T11:03:00.000Z,0
CVE-2013-3416,https://securityvulnerability.io/vulnerability/CVE-2013-3416,,"Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997.",Cisco,"Unified Service Monitor,Unified Operations Manager",,,0.0019199999514967203,false,,false,false,false,,,false,false,,2013-07-10T21:00:00.000Z,0
CVE-2011-2738,https://securityvulnerability.io/vulnerability/CVE-2011-2738,,"Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.",Cisco,"Unified Service Monitor,Ciscoworks Lan Management Solution,Unified Operations Manager",,,0.23005999624729156,false,,false,false,false,,,false,false,,2011-09-19T12:02:00.000Z,0
CVE-2011-0960,https://securityvulnerability.io/vulnerability/CVE-2011-0960,,"Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to execute arbitrary SQL commands via (1) the CCMs parameter to iptm/PRTestCreation.do or (2) the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716.",Cisco,Unified Operations Manager,,,0.004389999900013208,false,,false,false,false,,,false,false,,2011-05-20T22:00:00.000Z,0
CVE-2011-0962,https://securityvulnerability.io/vulnerability/CVE-2011-0962,,"Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712.",Cisco,Unified Operations Manager,,,0.7915300130844116,false,,false,false,false,,,false,false,,2011-05-20T22:00:00.000Z,0
CVE-2011-0959,https://securityvulnerability.io/vulnerability/CVE-2011-0959,,"Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716.",Cisco,Unified Operations Manager,,,0.018869999796152115,false,,false,false,false,,,false,false,,2011-05-20T22:00:00.000Z,0
CVE-2010-3036,https://securityvulnerability.io/vulnerability/CVE-2010-3036,,"Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.",Cisco,"Ciscoworks Common Services,Ciscoworks Lan Management Solution,Qos Policy Manager,Security Manager,Telepresence Readiness Assessment Manager,Unified Operations Manager,Unified Service Monitor",,,0.07632999867200851,false,,false,false,false,,,false,false,,2010-10-29T18:00:00.000Z,0
CVE-2009-1161,https://securityvulnerability.io/vulnerability/CVE-2009-1161,,"Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.",Cisco,"Ciscoworks Common Services,Ciscoworks Health And Utilization Monitor,Ciscoworks Lan Management Solution,Ciscoworks Qos Policy Manager,Ciscoworks Voice Manager,Security Manager,Telepresence Readiness Assessment Manager,Unified Operations Manager,Unified Provisioning Manager,Unified Service Monitor",,,0.018859999254345894,false,,false,false,false,,,false,false,,2009-05-21T14:00:00.000Z,0