Skip to main content
CVE-2013-1221 CRITICAL Act Now

The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Tomcat RCE Cisco Unified Customer Voice Portal
NVD
CVSS 2.0
10.0
EPSS
5.0%
CVE-2013-0685 CRITICAL Act Now

Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal does not restrict unspecified size and amount values, which allows remote attackers to execute arbitrary code or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Denial Of Service RCE Wonderware Information Server
NVD
CVSS 2.0
9.3
EPSS
1.9%
CVE-2013-0686 CRITICAL Act Now

Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service XXE Wonderware Information Server
NVD
CVSS 2.0
9.3
EPSS
0.5%
CVE-2013-0600 CRITICAL Act Now

Unspecified vulnerability on IBM WebSphere DataPower XC10 Appliance devices 2.0 and 2.1 through 2.1 FP3 allows remote attackers to bypass authentication and perform administrative actions via unknown. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass IBM Websphere Datapower Xc10 Appliance Firmware Websphere Datapower Xc10 Appliance
NVD
CVSS 2.0
9.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy