Cisco Ciscoworks Common Services — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Ciscoworks Common Services, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2010-3036 — CVSS 10.0 (critical): Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow…
CVE-2009-1161 — CVSS 10.0 (critical): Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in…
CVE-2008-2054 — CVSS 9.3 (critical): Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 through 3.1.1 allows remote attackers to execute arbitrary code on a…
CVE-2011-3310 — CVSS 9.0 (critical): The Home Page component in Cisco CiscoWorks Common Services before 4.1 on Windows, as used in CiscoWorks LAN Management Solution, Cisco…
CVE-2004-0079 — CVSS 7.5 (high): The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service…
CVE-2011-0966 — CVSS 6.8 (medium): Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and…
CVE-2004-0112 — CVSS 5.0 (medium): The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of…
CVE-2005-0356 — CVSS 5.0 (medium): Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote…
CVE-2011-2042 — CVSS 5.0 (medium): The Sybase SQL Anywhere database component in Cisco CiscoWorks Common Services 3.x and 4.x before 4.1 allows remote attackers to obtain…
CVE-2004-0081 — CVSS 5.0 (medium): OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service…
CVE-2011-0961 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in cwhp/device.center.do in the Help servlet in Cisco CiscoWorks Common Services 3.3 and earlier…
CVE-2011-4237 — CVSS 4.3 (medium): CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks Common Services 4.0, as used in Cisco Prime LAN Management Solution and…