Known Vulnerabilities for Prime Service Catalog by Cisco

Listed below are 10 of the newest known vulnerabilities associated with "Prime Service Catalog" by "Cisco".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2022-20680	A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote att...	6.5 - MEDIUM	2022-02-10	2022-02-17
CVE-2019-1875	A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote att...	4.8 - MEDIUM	2019-06-20	2019-10-09
CVE-2019-1874	A vulnerability in the web-based management interface of Cisco Prime Service Catalog Software could allow an unauthenticated,...	8.8 - HIGH	2019-06-20	2019-06-24
CVE-2018-15451	A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote att...	5.4 - MEDIUM	2018-11-08	2019-10-09
CVE-2018-0285	A vulnerability in service logging for Cisco Prime Service Catalog could allow an authenticated, remote attacker to deny serv...	6.5 - MEDIUM	2018-05-02	2019-10-09
CVE-2018-0200	A vulnerability in the web-based interface of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to ...	6.1 - MEDIUM	2018-02-22	2019-10-09
CVE-2018-0107	A vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execut...	8.8 - HIGH	2018-01-18	2019-10-09
CVE-2017-12364	A SQL Injection vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote atta...	6.5 - MEDIUM	2017-11-30	2019-10-09
CVE-2017-3866	A vulnerability in the web framework code of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to c...	6.1 - MEDIUM	2017-03-17	2017-07-12
CVE-2017-3810	A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct ...	5.4 - MEDIUM	2017-02-03	2017-07-25

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Cisco	Prime Service Catalog	9.4.1_vortex	All	All	All
Application	Cisco	Prime Service Catalog	12.1	All	All	All
Application	Cisco	Prime Service Catalog	12.0	All	All	All
Application	Cisco	Prime Service Catalog	11.1.1	All	All	All
Application	Cisco	Prime Service Catalog	11.1	All	All	All
Application	Cisco	Prime Service Catalog	11.0_base	All	All	All
Application	Cisco	Prime Service Catalog	11.0	All	All	All
Application	Cisco	Prime Service Catalog	10.1_base	All	All	All
Application	Cisco	Prime Service Catalog	10.1	All	All	All
Application	Cisco	Prime Service Catalog	10.0_base	All	All	All
Application	Cisco	Prime Service Catalog	10.0\(r2\)_base	All	All	All
Application	Cisco	Prime Service Catalog	-	All	All	All

Cisco Prime Service Catalog

www.cisco.com/c/en/us/products/cloud-systems-management/prime-service-catalog/index.html

Cisco Prime Service Catalog Cisco Prime Service Catalog provides a self- service portal, service # ! request management, and an IT service

www.cisco.com/en/US/products/ps11927/index.html www.cisco.com/en/US/products/ps13206/index.html www.cisco.com/c/en/us/products/collateral/cloud-systems-management/prime-service-catalog/solution-overview-c22-733408.html Service catalog Self-service Data center Information technology Cisco Systems Automation IT service management Service (economics) User interface Desktop computer Management Customer Provisioning (telecommunications) Application lifecycle management E-commerce Service provider Sopra Steria Flexibility (engineering) Product (business) Business

Cisco Security Advisory: Cisco Prime Service Catalog Cross-Site Scripting Vulnerability

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-psc-xss

Cisco Security Advisory: Cisco Prime Service Catalog Cross-Site Scripting Vulnerability = ; 9A vulnerability in the web-based management interface of Cisco Prime Service Catalog CiscoSecurityAdvisory/ isco -sa-20181107-psc-xss

Vulnerability (computing) Cisco Systems Web application Cross-site scripting User (computing) World Wide Web Management interface Service catalog Exploit (computer security) Security hacker Computer security Information Windows Metafile vulnerability Software Authentication Interface (computing) Security Cisco Prime ISO 15924 Data validation

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Known Vulnerabilities for Prime Service Catalog by Cisco