All the vulnerabilites related to cisco - digital_media_manager
Vulnerability from fkie_nvd
Published
2010-03-05 19:30
Modified
2024-11-21 01:12
Severity ?
Summary
Unspecified vulnerability in Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x allows remote authenticated users to gain privileges via unknown vectors, and consequently execute arbitrary code via a crafted web application, aka Bug ID CSCtc46008.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | digital_media_manager | 5.0 | |
| cisco | digital_media_manager | 5.0.1 | |
| cisco | digital_media_manager | 5.0.2 | |
| cisco | digital_media_manager | 5.0.3 | |
| cisco | digital_media_manager | 5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "98D3AF9D-2540-4E49-923D-98683F0404BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8B5C0A-3DA6-4F7E-A73E-456F93876DF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2515E7AA-03E8-4DD1-B19E-105604BD9F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BADC9AB-BEFA-480F-A4D2-0C8CFE837C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB2DB16-8394-4705-AB81-9CE1F005DE58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x allows remote authenticated users to gain privileges via unknown vectors, and consequently execute arbitrary code via a crafted web application, aka Bug ID CSCtc46008."
},
{
"lang": "es",
"value": "Vulnerabilidad inespecifica en Cisco Digital Media Manager (DMM) v5.0.x y v5.1.x permite a usuarios remotos autenticados conseguir privilegios a traves de vectores desconocidos, y consecuentemente ejecutar codigo arbitrario a traves de una aplicacion web manipulada, tambien conocido como Bug ID CSCtc46008."
}
],
"id": "CVE-2010-0571",
"lastModified": "2024-11-21T01:12:28.540",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-03-05T19:30:00.657",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/38800"
},
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1023671"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/38500"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2010/0531"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56636"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-01-19 15:55
Modified
2024-11-21 01:34
Severity ?
Summary
Cisco Digital Media Manager 5.2.2 and earlier, and 5.2.3, allows remote authenticated users to execute arbitrary code via vectors involving a URL and an administrative resource, aka Bug ID CSCts63878.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | digital_media_manager | * | |
| cisco | digital_media_manager | 3.5 | |
| cisco | digital_media_manager | 3.5\(1\) | |
| cisco | digital_media_manager | 4.0 | |
| cisco | digital_media_manager | 4.1\(0\)40 | |
| cisco | digital_media_manager | 5.0 | |
| cisco | digital_media_manager | 5.0.2 | |
| cisco | digital_media_manager | 5.0.3 | |
| cisco | digital_media_manager | 5.1 | |
| cisco | digital_media_manager | 5.1.1 | |
| cisco | digital_media_manager | 5.2.1 | |
| cisco | digital_media_manager | 5.2.1.1 | |
| cisco | digital_media_manager | 5.2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D608FED-9711-4E2A-B30B-5680085E5B6D",
"versionEndIncluding": "5.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6E38F84C-8BEE-48CB-B2D0-9786EE71BF3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:3.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "19A6ED5C-A776-4549-A891-C3A85C4C8499",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AE1EC1-50FA-44D9-914E-7FF54DFFFC20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:4.1\\(0\\)40:*:*:*:*:*:*:*",
"matchCriteriaId": "2518BE46-E94A-47CE-96D2-1D1B7065D6E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "98D3AF9D-2540-4E49-923D-98683F0404BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2515E7AA-03E8-4DD1-B19E-105604BD9F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BADC9AB-BEFA-480F-A4D2-0C8CFE837C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB2DB16-8394-4705-AB81-9CE1F005DE58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C93B19E1-1433-48B3-B54A-D924B173F48E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A329F7E-7D3F-464B-B9D1-15781DCFEC03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E3DF3C19-DE9C-4218-9A1A-AEE49495BFFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "66B8248F-6993-4AF5-B6ED-CC66FB571BDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Digital Media Manager 5.2.2 and earlier, and 5.2.3, allows remote authenticated users to execute arbitrary code via vectors involving a URL and an administrative resource, aka Bug ID CSCts63878."
},
{
"lang": "es",
"value": "Cisco Digital Media Manager v5.2.2 y anteriores y v5.2.3, permite a usuarios remotos autenticados ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores relacionados con una URL y un recurso administrativo. Se trata de un problema tambi\u00e9n conocido como Bug ID CSCts63878."
}
],
"id": "CVE-2012-0329",
"lastModified": "2024-11-21T01:34:48.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-01-19T15:55:01.023",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-dmm"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1026541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-dmm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026541"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-03-05 19:30
Modified
2024-11-21 01:12
Severity ?
Summary
Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x has a default password for the Tomcat administration account, which makes it easier for remote attackers to execute arbitrary code via a crafted web application, aka Bug ID CSCta03378.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | digital_media_manager | 5.0 | |
| cisco | digital_media_manager | 5.0.1 | |
| cisco | digital_media_manager | 5.0.2 | |
| cisco | digital_media_manager | 5.0.3 | |
| cisco | digital_media_manager | 5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "98D3AF9D-2540-4E49-923D-98683F0404BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8B5C0A-3DA6-4F7E-A73E-456F93876DF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2515E7AA-03E8-4DD1-B19E-105604BD9F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BADC9AB-BEFA-480F-A4D2-0C8CFE837C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB2DB16-8394-4705-AB81-9CE1F005DE58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x has a default password for the Tomcat administration account, which makes it easier for remote attackers to execute arbitrary code via a crafted web application, aka Bug ID CSCta03378."
},
{
"lang": "es",
"value": "Cisco Digital Media Manager (DMM) v5.0.x y v5.1.x tiene una contrase\u00f1a por defecto para la cuenta de administracion del Tomcat, lo que hace mas facil a atacantes remotos ejecutar codigo arbitrario a traves de una aplicacion web manipulada, tambien conocido como Bug ID CSCta03378."
}
],
"evaluatorComment": "Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml\r\n\r\n\"Default Credentials\r\n\r\nCisco DMM versions 5.0.x and 5.1.x are affected by this vulnerability. Cisco DMM versions 4.x are not vulnerable\"",
"id": "CVE-2010-0570",
"lastModified": "2024-11-21T01:12:28.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-03-05T19:30:00.627",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/38800"
},
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1023671"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/38503"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2010/0531"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56634"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56634"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-09-15 19:29
Modified
2024-11-21 03:36
Severity ?
Summary
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | struts | * | |
| apache | struts | * | |
| cisco | digital_media_manager | - | |
| cisco | hosted_collaboration_solution | 10.5\(1\) | |
| cisco | hosted_collaboration_solution | 11.0\(1\) | |
| cisco | hosted_collaboration_solution | 11.5\(1\) | |
| cisco | hosted_collaboration_solution | 11.6\(1\) | |
| cisco | media_experience_engine | 3.5 | |
| cisco | media_experience_engine | 3.5.2 | |
| cisco | network_performance_analysis | - | |
| cisco | video_distribution_suite_for_internet_streaming | - | |
| netapp | oncommand_balance | - |
{
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Apache Struts Deserialization of Untrusted Data Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13744BE3-2443-4640-BDB4-722C4D393B65",
"versionEndExcluding": "2.3.34",
"versionStartIncluding": "2.1.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B45E858-E783-4D6E-AFD3-97E9963EB05B",
"versionEndExcluding": "2.5.13",
"versionStartIncluding": "2.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0B1E953-33EF-498D-AB75-4A0A7733BC54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:hosted_collaboration_solution:10.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CF4C9089-0F27-4C66-8E12-2BCAC148B7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:hosted_collaboration_solution:11.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7FCC3E9D-4D39-4530-A5FC-7E9A4E395D60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:hosted_collaboration_solution:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F972A2A1-3002-4086-8FA2-F231D4ED0B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:hosted_collaboration_solution:11.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D52C5D91-33D1-4C90-BEC9-90D955AA5883",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:media_experience_engine:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93C3A3B2-B346-47F4-B987-0098AB95F939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:media_experience_engine:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "87CCEC7F-058D-4202-88B3-F06372DFFA99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_performance_analysis:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76D400A4-9918-494E-89B7-EAA57B2830D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:video_distribution_suite_for_internet_streaming:-:*:*:*:*:*:*:*",
"matchCriteriaId": "912F9C5E-AA5F-4746-AC49-D33C2495C73B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads."
},
{
"lang": "es",
"value": "El Plugin REST en Apache Struts versiones 2.1.1 hasta 2.3.x anteriores a 2.3.34 y versiones 2.5.x anteriores a 2.5.13, usa una XStreamHandler con una instancia de XStream para deserializaci\u00f3n sin ning\u00fan filtrado de tipos, lo que puede conllevar a una ejecuci\u00f3n de c\u00f3digo remota cuando se deserializan cargas XML."
}
],
"id": "CVE-2017-9805",
"lastModified": "2024-11-21T03:36:53.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-15T19:29:00.237",
"references": [
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100609"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039263"
},
{
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
],
"url": "https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax"
},
{
"source": "security@apache.org",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488482"
},
{
"source": "security@apache.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cwiki.apache.org/confluence/display/WW/S2-052"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link"
],
"url": "https://lgtm.com/blog/apache_struts_CVE-2017-9805"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170907-0001/"
},
{
"source": "security@apache.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://struts.apache.org/docs/s2-052.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42627/"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/112992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100609"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cwiki.apache.org/confluence/display/WW/S2-052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://lgtm.com/blog/apache_struts_CVE-2017-9805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170907-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://struts.apache.org/docs/s2-052.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42627/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/112992"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-12 13:28
Modified
2024-11-21 01:53
Severity ?
Summary
Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCub23849.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | digital_media_manager | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0B1E953-33EF-498D-AB75-4A0A7733BC54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCub23849."
},
{
"lang": "es",
"value": "Vulnerabilidad de redirecci\u00f3n abierta en la p\u00e1gina de login de Cisco Digital Media Manager (DMM) permite a atacantes remotos redirigir usuarios a sitios web arbitrarios y efectuar ataques de phishing a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCub23849."
}
],
"id": "CVE-2013-3446",
"lastModified": "2024-11-21T01:53:39.070",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-09-12T13:28:32.190",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3446"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-03-05 19:30
Modified
2024-11-21 01:12
Severity ?
Summary
Cisco Digital Media Manager (DMM) before 5.2 allows remote authenticated users to discover Cisco Digital Media Player credentials via vectors related to reading a (1) error log or (2) stack trace, aka Bug ID CSCtc46050.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | digital_media_manager | * | |
| cisco | digital_media_manager | 5.0 | |
| cisco | digital_media_manager | 5.0.1 | |
| cisco | digital_media_manager | 5.0.2 | |
| cisco | digital_media_manager | 5.0.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22A7E017-43EC-4542-AF97-3020604B24EF",
"versionEndIncluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "98D3AF9D-2540-4E49-923D-98683F0404BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8B5C0A-3DA6-4F7E-A73E-456F93876DF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2515E7AA-03E8-4DD1-B19E-105604BD9F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:digital_media_manager:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BADC9AB-BEFA-480F-A4D2-0C8CFE837C4F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Digital Media Manager (DMM) before 5.2 allows remote authenticated users to discover Cisco Digital Media Player credentials via vectors related to reading a (1) error log or (2) stack trace, aka Bug ID CSCtc46050."
},
{
"lang": "es",
"value": "Cisco Digital Media Manager (DMM) en versiones anteriores a v5.2 permite a usuarios remotos autenticados descubrir las credenciales a traves de vectores relacionados con (1) el registro de errores o (2) trazado de la pila, tambien conocido como Bug ID CSCtc46050."
}
],
"id": "CVE-2010-0572",
"lastModified": "2024-11-21T01:12:28.647",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-03-05T19:30:00.687",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/38800"
},
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1023671"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/38502"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2010/0531"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38502"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56637"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2010-0572
Vulnerability from cvelistv5
Published
2010-03-05 19:00
Modified
2024-08-07 00:52
Severity ?
EPSS score ?
Summary
Cisco Digital Media Manager (DMM) before 5.2 allows remote authenticated users to discover Cisco Digital Media Player credentials via vectors related to reading a (1) error log or (2) stack trace, aka Bug ID CSCtc46050.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/38502 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1023671 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/56637 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/38800 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.vupen.com/english/advisories/2010/0531 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:52:19.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "38502",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38502"
},
{
"name": "1023671",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023671"
},
{
"name": "cisco-ddm-mediaplayer-info-disc(56637)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56637"
},
{
"name": "38800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38800"
},
{
"name": "20100303 Multiple Vulnerabilities in Cisco Digital Media Manager",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"name": "ADV-2010-0531",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0531"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Digital Media Manager (DMM) before 5.2 allows remote authenticated users to discover Cisco Digital Media Player credentials via vectors related to reading a (1) error log or (2) stack trace, aka Bug ID CSCtc46050."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "38502",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38502"
},
{
"name": "1023671",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023671"
},
{
"name": "cisco-ddm-mediaplayer-info-disc(56637)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56637"
},
{
"name": "38800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38800"
},
{
"name": "20100303 Multiple Vulnerabilities in Cisco Digital Media Manager",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"name": "ADV-2010-0531",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0531"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0572",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Digital Media Manager (DMM) before 5.2 allows remote authenticated users to discover Cisco Digital Media Player credentials via vectors related to reading a (1) error log or (2) stack trace, aka Bug ID CSCtc46050."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38502",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38502"
},
{
"name": "1023671",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023671"
},
{
"name": "cisco-ddm-mediaplayer-info-disc(56637)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56637"
},
{
"name": "38800",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38800"
},
{
"name": "20100303 Multiple Vulnerabilities in Cisco Digital Media Manager",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"name": "ADV-2010-0531",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0531"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-0572",
"datePublished": "2010-03-05T19:00:00",
"dateReserved": "2010-02-10T00:00:00",
"dateUpdated": "2024-08-07T00:52:19.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3446
Vulnerability from cvelistv5
Published
2013-09-12 01:00
Modified
2024-09-16 17:22
Severity ?
EPSS score ?
Summary
Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCub23849.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3446 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:07:37.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130911 Cisco Digital Media System DMM Open Redirect Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3446"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCub23849."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-12T01:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130911 Cisco Digital Media System DMM Open Redirect Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3446"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-3446",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCub23849."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130911 Cisco Digital Media System DMM Open Redirect Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3446"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-3446",
"datePublished": "2013-09-12T01:00:00Z",
"dateReserved": "2013-05-06T00:00:00Z",
"dateUpdated": "2024-09-16T17:22:50.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0570
Vulnerability from cvelistv5
Published
2010-03-05 19:00
Modified
2024-08-07 00:52
Severity ?
EPSS score ?
Summary
Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x has a default password for the Tomcat administration account, which makes it easier for remote attackers to execute arbitrary code via a crafted web application, aka Bug ID CSCta03378.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1023671 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/38800 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/38503 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/56634 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2010/0531 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:52:19.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1023671",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023671"
},
{
"name": "38800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38800"
},
{
"name": "20100303 Multiple Vulnerabilities in Cisco Digital Media Manager",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"name": "38503",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38503"
},
{
"name": "cisco-ddm-default-credentials(56634)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56634"
},
{
"name": "ADV-2010-0531",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0531"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x has a default password for the Tomcat administration account, which makes it easier for remote attackers to execute arbitrary code via a crafted web application, aka Bug ID CSCta03378."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1023671",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023671"
},
{
"name": "38800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38800"
},
{
"name": "20100303 Multiple Vulnerabilities in Cisco Digital Media Manager",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"name": "38503",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38503"
},
{
"name": "cisco-ddm-default-credentials(56634)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56634"
},
{
"name": "ADV-2010-0531",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0531"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x has a default password for the Tomcat administration account, which makes it easier for remote attackers to execute arbitrary code via a crafted web application, aka Bug ID CSCta03378."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1023671",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023671"
},
{
"name": "38800",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38800"
},
{
"name": "20100303 Multiple Vulnerabilities in Cisco Digital Media Manager",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"name": "38503",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38503"
},
{
"name": "cisco-ddm-default-credentials(56634)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56634"
},
{
"name": "ADV-2010-0531",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0531"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-0570",
"datePublished": "2010-03-05T19:00:00",
"dateReserved": "2010-02-10T00:00:00",
"dateUpdated": "2024-08-07T00:52:19.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-9805
Vulnerability from cvelistv5
Published
2017-09-15 19:00
Modified
2024-08-05 17:18
Severity ?
EPSS score ?
Summary
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html | x_refsource_CONFIRM | |
| https://struts.apache.org/docs/s2-052.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1039263 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/100609 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2 | vendor-advisory, x_refsource_CISCO | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1488482 | x_refsource_CONFIRM | |
| https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/42627/ | exploit, x_refsource_EXPLOIT-DB | |
| https://lgtm.com/blog/apache_struts_CVE-2017-9805 | x_refsource_MISC | |
| https://cwiki.apache.org/confluence/display/WW/S2-052 | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20170907-0001/ | x_refsource_CONFIRM | |
| https://www.kb.cert.org/vuls/id/112992 | third-party-advisory, x_refsource_CERT-VN |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Apache Software Foundation | Apache Struts |
Version: Apache Struts before 2.3.34 and 2.5.x before 2.5.13 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:18:01.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://struts.apache.org/docs/s2-052.html"
},
{
"name": "1039263",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039263"
},
{
"name": "100609",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100609"
},
{
"name": "20170907 Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products: September 2017",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488482"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax"
},
{
"name": "42627",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42627/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lgtm.com/blog/apache_struts_CVE-2017-9805"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cwiki.apache.org/confluence/display/WW/S2-052"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170907-0001/"
},
{
"name": "VU#112992",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/112992"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Struts",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache Struts before 2.3.34 and 2.5.x before 2.5.13"
}
]
}
],
"datePublic": "2017-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "RCE",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-12T20:45:53",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://struts.apache.org/docs/s2-052.html"
},
{
"name": "1039263",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039263"
},
{
"name": "100609",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100609"
},
{
"name": "20170907 Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products: September 2017",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488482"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax"
},
{
"name": "42627",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42627/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lgtm.com/blog/apache_struts_CVE-2017-9805"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cwiki.apache.org/confluence/display/WW/S2-052"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170907-0001/"
},
{
"name": "VU#112992",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/112992"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2017-9805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Struts",
"version": {
"version_data": [
{
"version_value": "Apache Struts before 2.3.34 and 2.5.x before 2.5.13"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "RCE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html"
},
{
"name": "https://struts.apache.org/docs/s2-052.html",
"refsource": "CONFIRM",
"url": "https://struts.apache.org/docs/s2-052.html"
},
{
"name": "1039263",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039263"
},
{
"name": "100609",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100609"
},
{
"name": "20170907 Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products: September 2017",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1488482",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488482"
},
{
"name": "https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax",
"refsource": "CONFIRM",
"url": "https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax"
},
{
"name": "42627",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42627/"
},
{
"name": "https://lgtm.com/blog/apache_struts_CVE-2017-9805",
"refsource": "MISC",
"url": "https://lgtm.com/blog/apache_struts_CVE-2017-9805"
},
{
"name": "https://cwiki.apache.org/confluence/display/WW/S2-052",
"refsource": "CONFIRM",
"url": "https://cwiki.apache.org/confluence/display/WW/S2-052"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170907-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170907-0001/"
},
{
"name": "VU#112992",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/112992"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-9805",
"datePublished": "2017-09-15T19:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-08-05T17:18:01.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-0329
Vulnerability from cvelistv5
Published
2012-01-19 15:00
Modified
2024-08-06 18:23
Severity ?
EPSS score ?
Summary
Cisco Digital Media Manager 5.2.2 and earlier, and 5.2.3, allows remote authenticated users to execute arbitrary code via vectors involving a URL and an administrative resource, aka Bug ID CSCts63878.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1026541 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-dmm | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:30.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1026541",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026541"
},
{
"name": "20120118 Cisco Digital Media Manager Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-dmm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Digital Media Manager 5.2.2 and earlier, and 5.2.3, allows remote authenticated users to execute arbitrary code via vectors involving a URL and an administrative resource, aka Bug ID CSCts63878."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-01-31T10:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1026541",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026541"
},
{
"name": "20120118 Cisco Digital Media Manager Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-dmm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-0329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Digital Media Manager 5.2.2 and earlier, and 5.2.3, allows remote authenticated users to execute arbitrary code via vectors involving a URL and an administrative resource, aka Bug ID CSCts63878."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1026541",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026541"
},
{
"name": "20120118 Cisco Digital Media Manager Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-dmm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-0329",
"datePublished": "2012-01-19T15:00:00",
"dateReserved": "2012-01-04T00:00:00",
"dateUpdated": "2024-08-06T18:23:30.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0571
Vulnerability from cvelistv5
Published
2010-03-05 19:00
Modified
2024-08-07 00:52
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x allows remote authenticated users to gain privileges via unknown vectors, and consequently execute arbitrary code via a crafted web application, aka Bug ID CSCtc46008.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1023671 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/38800 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/38500 | vdb-entry, x_refsource_BID | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/56636 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2010/0531 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:52:19.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1023671",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023671"
},
{
"name": "38800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38800"
},
{
"name": "38500",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38500"
},
{
"name": "20100303 Multiple Vulnerabilities in Cisco Digital Media Manager",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"name": "cisco-ddm-privilege-escalation(56636)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56636"
},
{
"name": "ADV-2010-0531",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0531"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x allows remote authenticated users to gain privileges via unknown vectors, and consequently execute arbitrary code via a crafted web application, aka Bug ID CSCtc46008."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1023671",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023671"
},
{
"name": "38800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38800"
},
{
"name": "38500",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38500"
},
{
"name": "20100303 Multiple Vulnerabilities in Cisco Digital Media Manager",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"name": "cisco-ddm-privilege-escalation(56636)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56636"
},
{
"name": "ADV-2010-0531",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0531"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0571",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x allows remote authenticated users to gain privileges via unknown vectors, and consequently execute arbitrary code via a crafted web application, aka Bug ID CSCtc46008."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1023671",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023671"
},
{
"name": "38800",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38800"
},
{
"name": "38500",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38500"
},
{
"name": "20100303 Multiple Vulnerabilities in Cisco Digital Media Manager",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml"
},
{
"name": "cisco-ddm-privilege-escalation(56636)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56636"
},
{
"name": "ADV-2010-0531",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0531"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-0571",
"datePublished": "2010-03-05T19:00:00",
"dateReserved": "2010-02-10T00:00:00",
"dateUpdated": "2024-08-07T00:52:19.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}