The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Prime LMS

2 OpenSSL: use after free via DTLS
An attacker can force the usage of a freed memory area via DTLS in OpenSSL, in order to trigger a denial of service, and possibly to execute code...
1961569, 9010038, 9010039, BSA-2015-006, c05184351, CERTFR-2015-AVI-257, cisco-sa-20150612-openssl, CVE-2014-8176, DSA-3287-1, HPSBHF03613, NetBSD-SA2015-008, NTAP-20150616-0001, openSUSE-SU-2015:1277-1, PAN-SA-2016-0020, PAN-SA-2016-0028, RHSA-2015:1115-01, SA98, SB10122, SOL16920, USN-2639-1, VIGILANCE-VUL-17118
2 OpenSSL: four vulnerabilities
An attacker can use several vulnerabilities of OpenSSL...
1450666, 1610582, 1647054, 1961111, 1961569, 1964113, 1964766, 1966038, 1970103, 1972125, 9010038, 9010039, BSA-2015-006, bulletinjul2015, c04760669, c05184351, c05353965, CERTFR-2015-AVI-257, CERTFR-2015-AVI-431, CERTFR-2016-AVI-128, CERTFR-2016-AVI-303, cisco-sa-20150612-openssl, cpuapr2017, cpuoct2017, CTX216642, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, DSA-3287-1, FEDORA-2015-10047, FEDORA-2015-10108, FreeBSD-SA-15:10.openssl, HPSBGN03678, HPSBHF03613, HPSBUX03388, JSA10694, JSA10733, NetBSD-SA2015-008, NTAP-20150616-0001, openSUSE-SU-2015:1139-1, openSUSE-SU-2015:1277-1, openSUSE-SU-2015:2243-1, openSUSE-SU-2016:0640-1, PAN-SA-2016-0020, PAN-SA-2016-0028, RHSA-2015:1115-01, RHSA-2015:1197-01, SA40002, SA98, SB10122, SOL16898, SOL16913, SOL16915, SOL16938, SSA:2015-162-01, SSRT102180, SUSE-SU-2015:1143-1, SUSE-SU-2015:1150-1, SUSE-SU-2015:1181-1, SUSE-SU-2015:1181-2, SUSE-SU-2015:1182-2, SUSE-SU-2015:1183-1, SUSE-SU-2015:1183-2, SUSE-SU-2015:1184-1, SUSE-SU-2015:1184-2, SUSE-SU-2015:1185-1, TNS-2015-07, TSB16728, USN-2639-1, VIGILANCE-VUL-17117
2 OpenSSL: use after free via NewSessionTicket
An attacker, who own a malicious TLS server, can send the NewSessionTicket message, to force the usage of a freed memory area in a client linked to OpenSSL, in order to trigger a denial of service, and possibly to execute code...
1961569, 1964113, 1970103, 2003480, 2003620, 2003673, 9010038, 9010039, bulletinjul2015, c04760669, c05184351, c05353965, CERTFR-2015-AVI-431, CERTFR-2016-AVI-128, CERTFR-2016-AVI-303, cisco-sa-20150612-openssl, cpuapr2017, cpuoct2016, cpuoct2017, CTX216642, CVE-2015-1791, DSA-3287-1, FEDORA-2015-10047, FEDORA-2015-10108, FreeBSD-SA-15:10.openssl, HPSBGN03678, HPSBHF03613, HPSBUX03388, JSA10694, JSA10733, NetBSD-SA2015-008, NTAP-20150616-0001, openSUSE-SU-2015:1139-1, openSUSE-SU-2016:0640-1, PAN-SA-2016-0020, PAN-SA-2016-0028, RHSA-2015:1115-01, SA40002, SA98, SB10122, SOL16914, SSA:2015-162-01, SSRT102180, SUSE-SU-2015:1143-1, SUSE-SU-2015:1150-1, SUSE-SU-2015:1182-2, SUSE-SU-2015:1184-1, SUSE-SU-2015:1184-2, SUSE-SU-2015:1185-1, TSB16728, USN-2639-1, VIGILANCE-VUL-17062
2 OpenSSL, LibReSSL, Mono, JSSE: weakening TLS encryption via FREAK
An attacker, located as a Man-in-the-Middle, can force the Chrome, JSSE, LibReSSL, Mono or OpenSSL client to accept a weak export algorithm, in order to more easily capture or alter exchanged data...
122007, 1450666, 1610582, 1647054, 1698613, 1699051, 1699810, 1700225, 1700997, 1701485, 1902260, 1903541, 1963275, 1968485, 1973383, 55767, 7014463, 7022958, 9010028, ARUBA-PSA-2015-003, bulletinjan2015, c04556853, c04679334, c04773241, CERTFR-2015-AVI-108, CERTFR-2015-AVI-117, CERTFR-2015-AVI-146, CERTFR-2016-AVI-303, cisco-sa-20150310-ssl, cpuapr2017, cpujul2018, cpuoct2017, CTX216642, CVE-2015-0138, CVE-2015-0204, DSA-3125-1, FEDORA-2015-0512, FEDORA-2015-0601, FG-IR-15-007, FREAK, FreeBSD-SA-15:01.openssl, HPSBMU03345, HPSBUX03244, HPSBUX03334, JSA10679, MDVSA-2015:019, MDVSA-2015:062, MDVSA-2015:063, NetBSD-SA2015-006, NetBSD-SA2015-007, NTAP-20150205-0001, openSUSE-SU-2015:0130-1, openSUSE-SU-2016:0640-1, RHSA-2015:0066-01, RHSA-2015:0800-01, RHSA-2015:1020-01, RHSA-2015:1021-01, RHSA-2015:1091-01, SA40015, SA88, SA91, SB10108, SB10110, SOL16120, SOL16123, SOL16124, SOL16126, SOL16135, SOL16136, SOL16139, SP-CAAANXD, SPL-95203, SPL-95206, SSA:2015-009-01, SSRT101885, SSRT102000, SUSE-SU-2015:1073-1, SUSE-SU-2015:1085-1, SUSE-SU-2015:1086-1, SUSE-SU-2015:1086-2, SUSE-SU-2015:1086-3, SUSE-SU-2015:1086-4, SUSE-SU-2015:1138-1, SUSE-SU-2015:1161-1, T1022075, USN-2459-1, VIGILANCE-VUL-16301, VN-2015-003_FREAK, VU#243585
2 JSSE, CyaSSL, Mono, OpenSSL: clear text session via SKIP-TLS
An attacker, who has a TLS server, can force the JSSE, CyaSSL, Mono or OpenSSL client/server to use a clear text session, in order to allow a third party to capture or alter exchanged data...
1699051, 1700706, 1701485, 9010028, ARUBA-PSA-2015-003, bulletinjan2015, c04517481, c04556853, c04580241, c04583581, CERTFR-2015-AVI-108, CERTFR-2015-AVI-146, CERTFR-2016-AVI-303, cisco-sa-20150310-ssl, cpujan2015, cpuoct2017, CTX216642, CVE-2014-6593, CVE-2015-0205, DSA-3125-1, DSA-3144-1, DSA-3147-1, FEDORA-2015-0512, FEDORA-2015-0601, FEDORA-2015-0983, FEDORA-2015-1075, FEDORA-2015-1150, FEDORA-2015-8251, FEDORA-2015-8264, FreeBSD-SA-15:01.openssl, HPSBUX03219, HPSBUX03244, HPSBUX03273, HPSBUX03281, JSA10679, MDVSA-2015:019, MDVSA-2015:033, MDVSA-2015:062, NetBSD-SA2015-006, NTAP-20150205-0001, openSUSE-SU-2015:0130-1, openSUSE-SU-2015:0190-1, openSUSE-SU-2015:1277-1, RHSA-2015:0066-01, RHSA-2015:0067-01, RHSA-2015:0068-01, RHSA-2015:0069-01, RHSA-2015:0079-01, RHSA-2015:0080-01, RHSA-2015:0085-01, RHSA-2015:0086-01, RHSA-2015:0133-01, RHSA-2015:0134-01, RHSA-2015:0135-01, RHSA-2015:0136-01, RHSA-2015:0263-01, RHSA-2015:0264-01, SA40015, SA88, SB10104, SB10108, SKIP-TLS, SOL16120, SOL16123, SOL16124, SOL16126, SOL16135, SOL16136, SOL16139, SPL-95203, SSA:2015-009-01, SSRT101859, SSRT101885, SSRT101951, SSRT101968, SUSE-SU-2015:0336-1, SUSE-SU-2015:0503-1, USN-2459-1, USN-2486-1, USN-2487-1, VIGILANCE-VUL-16300, VMSA-2015-0003, VMSA-2015-0003.1, VMSA-2015-0003.10, VMSA-2015-0003.11, VMSA-2015-0003.12, VMSA-2015-0003.13, VMSA-2015-0003.14, VMSA-2015-0003.15, VMSA-2015-0003.2, VMSA-2015-0003.3, VMSA-2015-0003.4, VMSA-2015-0003.5, VMSA-2015-0003.6, VMSA-2015-0003.8, VMSA-2015-0003.9
2 Cisco Prime LMS: Cross Site Scripting of Common Services Help Page
An attacker can trigger a Cross Site Scripting in Common Services Help Page of Cisco Prime LMS, in order to execute JavaScript code in the context of the web site...
CSCuq54654, CVE-2015-0594, VIGILANCE-VUL-16277
2 OpenSSL: multiple vulnerabilities
An attacker can use several vulnerabilities of OpenSSL...
1610582, 1699810, 1700997, 1902260, 1903541, 1973383, 55767, 9010028, ARUBA-PSA-2015-003, bulletinjan2015, c04556853, c04679334, CERTFR-2015-AVI-008, CERTFR-2015-AVI-108, CERTFR-2015-AVI-146, CERTFR-2016-AVI-303, cisco-sa-20150310-ssl, cpuapr2017, cpujul2018, cpuoct2016, cpuoct2017, CTX216642, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206, DSA-3125-1, FEDORA-2015-0512, FEDORA-2015-0601, FreeBSD-SA-15:01.openssl, HPSBUX03244, HPSBUX03334, JSA10679, MDVSA-2015:019, MDVSA-2015:062, MDVSA-2015:063, NetBSD-SA2015-006, NetBSD-SA2015-007, NTAP-20150205-0001, openSUSE-SU-2015:0130-1, openSUSE-SU-2015:1277-1, openSUSE-SU-2016:0640-1, RHSA-2015:0066-01, RHSA-2015:0800-01, SA40015, SA88, SB10108, SOL16120, SOL16123, SOL16124, SOL16126, SOL16135, SOL16136, SOL16139, SP-CAAANXD, SPL-95203, SPL-95206, SSA:2015-009-01, SSRT101885, SSRT102000, SUSE-SU-2015:1138-1, SUSE-SU-2015:1161-1, USN-2459-1, VIGILANCE-VUL-15934, VU#243585
2 OpenSSL: NULL pointer dereference via ssl23_get_client_hello
An attacker can force a NULL pointer to be dereferenced in ssl23_get_client_hello() of OpenSSL, in order to trigger a denial of service...
1973383, 9010028, ARUBA-PSA-2015-003, bulletinapr2017, bulletinjan2015, c04556853, CERTFR-2015-AVI-108, CERTFR-2015-AVI-146, CERTFR-2016-AVI-303, cisco-sa-20150310-ssl, cpuoct2017, CTX216642, CVE-2014-3569, DSA-3125-1, FreeBSD-SA-15:01.openssl, HPSBUX03244, JSA10679, MDVSA-2015:019, MDVSA-2015:062, NetBSD-SA2015-006, NTAP-20150205-0001, openSUSE-SU-2015:0130-1, openSUSE-SU-2016:0640-1, SA40015, SA88, SB10108, SSA:2015-009-01, SSRT101885, VIGILANCE-VUL-15882
2 Cisco Prime LAN Management Solution: Cross Frame Scripting
An attacker can trigger a Cross Frame Scripting of Cisco Prime LAN Management Solution, in order to execute JavaScript code in the context of the web site...
BID-62366, CSCug77823, CVE-2013-5482, VIGILANCE-VUL-13424
2 Cisco Prime, Secure ACS: privilege escalation
An attacker can format special commands for Cisco Prime and Secure ACS, in order to escalate his privileges...
CSCug13866, CSCug29384, CSCug29400, CSCug29406, CSCug29411, CSCug29413, CSCug29416, CSCug29418, CSCug29422, CSCug29425, CSCug29426, CVE-2013-1196, VIGILANCE-VUL-12745
Our database contains other pages. You can request a free trial to read them.

Display information about Prime LMS: