| CVE-2017-12244 |
high |
8.6 |
8.6 |
|
|
cisco |
9y ago |
A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial … |
| CVE-2017-12255 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local attacker to gain shell access. The vulnerability is due to insufficient input validation of commands enter… |
| CVE-2017-12254 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to perform a Document Object Model (DOM)-based cross-site scripting attack. T… |
| CVE-2017-12253 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of cross-site request forgery … |
| CVE-2017-12252 |
high |
7.8 |
7.8 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to device availabil… |
| CVE-2017-12250 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the HTTP web interface for Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an HTTP Application Optimization (AO) related proces… |
| CVE-2017-12248 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user o… |
| CVE-2017-12214 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in the Operations, Administration, Maintenance, and Provisioning (OAMP) credential reset functionality for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remo… |
| CVE-2015-0689 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
Cisco Cloud Web Security before 3.0.1.7 allows remote attackers to bypass intended filtering protection mechanisms by leveraging improper handling of HTTP methods, aka Bug ID CSCut69743. |
| CVE-2017-12249 |
critical |
9.1 |
9.1 |
|
|
cisco |
9y ago |
A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker to gain unauthenticated or unauthorized access to… |
| CVE-2017-6794 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injection and escalate their privileges to root. The attacker m… |
| CVE-2017-6793 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the Inventory Management feature of Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to view sensitive information on the system. The vulne… |
| CVE-2017-6792 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the batch provisioning feature in Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to overwrite system files as root. The vulnerability is … |
| CVE-2017-6791 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the Trust Verification Service (TVS) of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affe… |
| CVE-2017-6789 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco Unified Intelligence Center web interface could allow an unauthenticated, remote attacker to impact the integrity of the system by executing a Document Object Model (DOM)… |
| CVE-2017-6780 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the TCP throttling process for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to cause the system to consume additional memory, eventual… |
| CVE-2017-12227 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the SQL database interface for Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a blind SQL injection attack. The vulnerability is due to a failur… |
| CVE-2017-12225 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow an authenticated, remote attacker to hijack another user's administrative session, aka a Session Fixati… |
| CVE-2017-12224 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the ability for guest users to join meetings via a hyperlink with Cisco Meeting Server could allow an authenticated, remote attacker to enter a meeting with a hyperlink URL, even t… |
| CVE-2017-12221 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-12220 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack aga… |
| CVE-2017-12216 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. The vu… |
| CVE-2017-12212 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web inter… |
| CVE-2017-6790 |
medium |
6.8 |
6.8 |
|
|
cisco |
9y ago |
A vulnerability in the Session Initiation Protocol (SIP) on the Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) … |
| CVE-2017-6788 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) a… |
| CVE-2017-6786 |
medium |
6.3 |
6.3 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affec… |
| CVE-2017-6785 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in configuration modification permissions validation for Cisco Unified Communications Manager could allow an authenticated, remote attacker to perform a horizontal privilege escalatio… |
| CVE-2017-6783 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attack… |
| CVE-2017-6782 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to modify a page in the web interface of the affected application. The … |
| CVE-2017-6781 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the management of shell user accounts for Cisco Policy Suite (CPS) Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affect… |
| CVE-2017-6778 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the Elastic Services Controller (ESC) web interface of the Cisco Ultra Services Platform could allow an authenticated, remote attacker to acquire sensitive information. The vulnera… |
| CVE-2017-6777 |
medium |
4.9 |
4.9 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire sensitive system information. The vulnerability is due to i… |
| CVE-2017-6776 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the we… |
| CVE-2017-6775 |
medium |
5.7 |
5.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to a… |
| CVE-2017-6774 |
medium |
5.0 |
5.0 |
|
|
cisco |
9y ago |
A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system fi… |
| CVE-2017-6773 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions a… |
| CVE-2017-6772 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to insufficient protection of sensitiv… |
| CVE-2017-6771 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. The vulnerability is due to insu… |
| CVE-2017-6768 |
high |
7.8 |
7.8 |
|
|
cisco |
9y ago |
A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, lo… |
| CVE-2017-6767 |
high |
7.1 |
7.1 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to gain higher privileges than the account is assigned. The attacker will be… |
| CVE-2017-6710 |
high |
8.1 |
8.1 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco Virtual Network Function (VNF) Element Manager could allow an authenticated, remote attacker to elevate privileges and run commands in the context of the root user on the… |
| CVE-2017-6770 |
medium |
4.2 |
4.2 |
|
|
cisco |
9y ago |
Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open S… |
| CVE-2017-6769 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of the Cisco Secure Access Control System (ACS) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) atta… |
| CVE-2017-6766 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software 5.4.0, 5.4.1, 6.0.0, 6.1.0, 6.2.0, 6.2.1, and 6.2.2 could allow an unauthenticat… |
| CVE-2017-6763 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the implementation of the H.264 protocol in Cisco Meeting Server (CMS) 2.1.4 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affe… |
| CVE-2017-6762 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Jabber Guest Server 10.6(9), 11.0(0), and 11.0(1) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS… |
| CVE-2017-6761 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Finesse 10.6(1) and 11.5(1) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a use… |
| CVE-2017-6759 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool 12.1 could allow an authenticated, remote attacker to write arbitrary files as root on the system. The vulnera… |
| CVE-2017-6758 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Unified Communications Manager 11.5(1.10000.6) could allow an authenticated, remote attacker to access arbitrary files in the context of the web root dir… |
| CVE-2017-6757 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5), 11.0(1.10000.10), and 11.5(1.10000.6) could allow an authenticated, remote attacker to conduct a blind SQL injection attack. T… |
| CVE-2017-6756 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool through 12.2 could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerabilit… |
| CVE-2017-6754 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of the Cisco Smart Net Total Care (SNTC) Software Collector Appliance 3.11 could allow an authenticated, remote attacker to perform a read-only, … |
| CVE-2017-6747 |
critical |
9.8 |
9.8 |
|
|
cisco |
9y ago |
A vulnerability in the authentication module of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to bypass local authentication. The vulnerability is due to improp… |
| CVE-2017-6745 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condit… |
| CVE-2011-4650 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
Cisco Data Center Network Manager is affected by Excessive Logging During a TCP Flood on Java Ports. If the size of server.log becomes very big because of too much logging by the DCNM server, then th… |
| CVE-2017-6755 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning (PCP) Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a use… |
| CVE-2017-6753 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected b… |
| CVE-2017-6751 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected… |
| CVE-2017-6750 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticate… |
| CVE-2017-6749 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against… |
| CVE-2017-6748 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must… |
| CVE-2017-6746 |
high |
7.2 |
7.2 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. The attacker … |
| CVE-2017-6672 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in certain filtering mechanisms of access control lists (ACLs) for Cisco ASR 5000 Series Aggregation Services Routers through 21.x could allow an unauthenticated, remote attacker to b… |
| CVE-2017-6612 |
high |
8.6 |
8.6 |
|
|
cisco |
9y ago |
A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033 through 21.1.2 could allow an unauthenticated, remote attacker to redirect H… |
| CVE-2015-0674 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
Cross-site scripting (XSS) vulnerability in the Alert Service of Cisco Cloud Web Security base revision allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. |
| CVE-2017-6735 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the backup and restore functionality of Cisco FireSIGHT System Software could allow an authenticated, local attacker to execute arbitrary code on a targeted system. More Informatio… |
| CVE-2017-6734 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack aga… |
| CVE-2017-6733 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS… |
| CVE-2017-6732 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. More Information: CSCvd4734… |
| CVE-2017-6730 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web-based GUI of Cisco Wide Area Application Services (WAAS) Central Manager could allow an unauthenticated, remote attacker to retrieve completed reports from an affected syst… |
| CVE-2017-6729 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the Border Gateway Protocol (BGP) processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core (VPC) Software c… |
| CVE-2017-6727 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the Server Message Block (SMB) protocol of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition … |
| CVE-2017-6726 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential i… |
| CVE-2017-6714 |
critical |
9.8 |
9.8 |
|
|
cisco |
9y ago |
A vulnerability in the AutoIT service of Cisco Ultra Services Framework Staging Server could allow an unauthenticated, remote attacker to execute arbitrary shell commands as the Linux root user. The … |
| CVE-2017-6713 |
critical |
9.8 |
9.8 |
|
|
cisco |
9y ago |
A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to gain full access to the affected system. The vulnerability is due t… |
| CVE-2017-6712 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in certain commands of Cisco Elastic Services Controller could allow an authenticated, remote attacker to elevate privileges to root and run dangerous commands on the server. The vuln… |
| CVE-2017-6711 |
critical |
9.1 |
9.1 |
|
|
cisco |
9y ago |
A vulnerability in the Ultra Automation Service (UAS) of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device. The vulne… |
| CVE-2017-6709 |
critical |
9.8 |
9.8 |
|
|
cisco |
9y ago |
A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller (… |
| CVE-2017-6708 |
critical |
9.8 |
9.8 |
|
|
cisco |
9y ago |
A vulnerability in the symbolic link (symlink) creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive file… |
| CVE-2017-6725 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6724 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6722 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of Cisco Unified Contact Center Express (UCCx) could allow an unauthenticated, remote attacker to masquerade as a legi… |
| CVE-2017-6721 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause the WAASNET process to rest… |
| CVE-2017-6717 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6716 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of th… |
| CVE-2017-6715 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6706 |
medium |
5.1 |
5.1 |
|
|
cisco |
9y ago |
A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. More Information: CSCvd072… |
| CVE-2017-6705 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the filesystem of the Cisco Prime Collaboration Provisioning tool could allow an authenticated, local attacker to acquire sensitive information. More Information: CSCvc82973. Known… |
| CVE-2017-6704 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attack… |
| CVE-2017-6703 |
medium |
5.9 |
5.9 |
|
|
cisco |
9y ago |
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session. More Information: CSCvc9034… |
| CVE-2017-6702 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affe… |
| CVE-2017-6701 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) atta… |
| CVE-2017-6700 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a D… |
| CVE-2017-6699 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a r… |
| CVE-2017-6698 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) SQL database interface could allow an authenticated, remote attacker to impact the confidentiali… |
| CVE-2017-6605 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a reflective cross-site scripting (XSS) attack a… |
| CVE-2017-6678 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote att… |
| CVE-2017-6669 |
high |
7.8 |
7.8 |
|
|
cisco |
9y ago |
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files. An attacker could exploit these vulnerabilities by providing a us… |
| CVE-2017-6662 |
high |
8.0 |
8.0 |
|
|
cisco |
9y ago |
A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker read and write access … |
| CVE-2017-6697 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive system credentials that are stored in an affected system. … |
