RSS   Vulnerabilities for 'Cloud services platform 2100'   RSS

2018-07-18
 
CVE-2018-0394

CWE-20
 

 
A vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to obtain restricted shell access on an affected system. The vulnerability is due to insufficient input validation of parameters passed to a specific function within the user interface. An attacker could exploit this vulnerability by injecting code into a function parameter. Cisco Bug IDs: CSCvi12935.

 
2017-10-19
 
CVE-2017-12251

 

 
A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker to interact maliciously with the services or virtual machines (VMs) operating remotely on an affected CSP device. The vulnerability is due to weaknesses in the generation of certain authentication mechanisms in the URL of the web console. An attacker could exploit this vulnerability by browsing to one of the hosted VMs' URLs in Cisco CSP and viewing specific patterns that control the web application's mechanisms for authentication control. An exploit could allow the attacker to access a specific VM on the CSP, which causes a complete loss of the system's confidentiality, integrity, and availability. This vulnerability affects Cisco Cloud Services Platform (CSP) 2100 running software release 2.1.0, 2.1.1, 2.1.2, 2.2.0, 2.2.1, or 2.2.2. Cisco Bug IDs: CSCve64690.

 
2016-09-22
 
CVE-2016-6374

 

 
Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote attackers to execute arbitrary code via a crafted dnslookup command in an HTTP request, aka Bug ID CSCuz89093.

 
 
CVE-2016-6373

 

 
The web-based GUI in Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote authenticated administrators to execute arbitrary OS commands as root via crafted platform commands, aka Bug ID CSCva00541.

 

 >>> Vendor: Cisco 1573 Products
IOS
Pix firewall
Router
Cisco 7xx routers
Catalyst 12xx supervisor software
Catalyst 29xx supervisor software
Catalyst 5xxx supervisor software
Ciscosecure
675 router
Cache engine
Resource manager
Pix private link
Catalyst 2900 vlan
Catos
Accesspath
As5200
As5300
As5800
System controller 3640
3660 router
7100 router
7200 router
7500 router
Ubr7200
Voice gateway as5800
Router 2500
Router 2600
Router 3600
Router 4000
Router 7200
Router 7500
Tacacs+
Gigabit switch router 12008
Gigabit switch router 12012
Gigabit switch router 12016
Catalyst 3500 xl
Virtual central office 4000
Secure access control server
Arrowpoint
Content services switch
Cisco 6xx routers
Broadband operating system
Catalyst 4000
Catalyst 5000
Catalyst 6000
Aironet
Aironet ap340
Pix firewall 515
Pix firewall 520
Content services switch 11050
Content services switch 11150
Content services switch 11800
Vpn 3000 concentrator
Vpn 3005 concentrator
Vpn 3015 concentrator
Vpn 3030 concentator
Vpn 3060 concentrator
Vpn 3080 concentrator
CBOS
Aironet 340
Catalyst 2900
Content services switch 11000
Catalyst 6000 intrusion detection system module
Secure intrusion detection system
HSRP
6400 nrp 2
Tftp server
12000 router
Catalyst 2900xl
Catalyst 2948g-l3
Catalyst 2950
Catalyst 3500xl
Catalyst 3550
Catalyst 4908g-l3
Catalyst 8500
Distributed director
Sn 5420 storage router
Pix firewall manager
ICDN
Ubr920
Ubr924
Ubr925
Call manager
Aironet ap350
Ata-186
Content distribution manager 4630
Content distribution manager 4650
Content engine
Cache engine 505
Cache engine 550
Cache engine 570
Content router 4430
Webns
Vpn 500 concentrator
Iscsi driver
Vpn client
Voip phone cp-7940
Voip phone cp-7910
Voip phone cp-7960
Ids device manager
See all Products for Vendor Cisco


Copyright 2019, cxsecurity.com

 

Back to Top