|
Description
|
|
Multiple vulnerabilities were identified in Cisco Security Agent, which could be exploited to conduct directory traversal, SQL injection, or denial of service attacks.
This first issue is caused by input validation errors in the Management Center when processing user-supplied data, which may be exploited by authenticated users to execute SQL statements.
The second vulnerability is caused by input validation errors in the Management Center when processing user-supplied data, which may be exploited by authenticated users to view and download arbitrary files from the server.
The third issue is caused by an unspecified error when processing a series of TCP packets, which could be exploited by attackers to cause a denial of service.
|
