CVE-2018-0107
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-0107
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection. An attacker could exploit this vulnerability by tricking the user of a web application into executing an adverse action. Cisco Bug IDs: CSCvg30313.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨站请求伪造(CSRF)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Prime Service Catalog 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Prime Service Catalog(PSC)是美国思科公司(Cisco)的一套通过单一的门户网站提供所有IT服务的服务目录解决方案。该方案支持自动化订购计算、网络、存储和其他数据中心资源的统一服务目录。 Cisco PSC中的Web框架存在跨站脚本漏洞。远程攻击者可利用该漏洞执行恶意操作。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | Cisco Prime Service Catalog | Cisco Prime Service Catalog | - |
II. Public POCs for CVE-2018-0107
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-0107
Please Login to view more intelligence information
- Cisco Prime Service Catalog Cross-Site Request Forgery Vulnerabilityx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2018-0107
Same Patch Batch · n/a · 2018-01-18 · 44 CVEs total
| CVE-2018-5772 | Exiv2 安全漏洞 | |
| CVE-2016-6814 | Apache Groovy 代码问题漏洞 | |
| CVE-2017-15869 | LiveZilla 跨站脚本漏洞 | |
| CVE-2017-12729 | Moxa SoftCMS Live Viewer SQL注入漏洞 | |
| CVE-2017-17860 | Samsung Gear S2和S3 输入验证错误漏洞 | |
| CVE-2018-5776 | WordPress MediaElement 跨站脚本漏洞 | |
| CVE-2012-6708 | jQuery 跨站脚本漏洞 | |
| CVE-2015-9251 | jQuery 跨站脚本漏洞 | |
| CVE-2016-10707 | jQuery 安全漏洞 | |
| CVE-2018-5773 | markdown2 跨站脚本漏洞 | |
| CVE-2014-2017 | OXID eShop 安全漏洞 | |
| CVE-2018-5766 | Libav 安全漏洞 | |
| CVE-2018-0115 | Cisco ASR 5000 Series路由器Cisco StarOS操作系统命令注入漏洞 | |
| CVE-2018-0111 | Cisco WebEx Meetings Server 信息泄露漏洞 | |
| CVE-2018-0110 | Cisco WebEx Meetings Server 安全漏洞 | |
| CVE-2018-0109 | Cisco WebEx Meetings Server 信息泄露漏洞 | |
| CVE-2018-0108 | Cisco WebEx Meetings Server 信息泄露漏洞 | |
| CVE-2018-0106 | Cisco Elastic Services Controller 信息泄露漏洞 | |
| CVE-2018-0105 | Cisco Unified Communications Manager 信息泄露漏洞 | |
| CVE-2018-0102 | Cisco Nexus 7000 Series Switches和7700 Series Switches Cisco NX-OS Software 安全漏洞 |
Showing top 20 of 44 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Cisco Prime Service Catalog
- CVE-2022-20680
Cisco Prime Service Catalog Information Disclosure Vulnerabi - CVE-2019-1874
Cisco Prime Service Catalog Cross-Site Request Forgery Vulne - CVE-2019-1875
Cisco Prime Service Catalog Cross-Site Scripting Vulnerabili - CVE-2018-15451
Cisco Prime Service Catalog Cross-Site Scripting Vulnerabili - CVE-2018-0285
Cisco Prime Service Catalog 安全漏洞
Same vendor: n/a
- CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM - CVE-2026-6664
PgBouncer integer overflow in PgBouncer network packet parsi - CVE-2026-8127
eladmin Users API Endpoint UserController.java checkLevel ac
Same weakness: CWE-352
- CVE-2026-42286
Emlog: Cross-Site Request Forgery in Admin Functions - CVE-2026-42190
RedwoodSDK: Same-site CSRF in in server actions - CVE-2026-5791
CSRF in DivvyDrive Information Technologies' DivvyDrive - CVE-2026-27415
WordPress BEAR plugin <= 1.1.5 - Cross Site Request Forgery - CVE-2025-68604
WordPress WPGraphQL plugin <= 2.5.3 - Cross Site Request For
V. Comments for CVE-2018-0107
No comments yet