| CVE-2017-12220 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack aga… |
| CVE-2017-12212 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web inter… |
| CVE-2017-6790 |
medium |
6.8 |
6.8 |
|
|
cisco |
9y ago |
A vulnerability in the Session Initiation Protocol (SIP) on the Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) … |
| CVE-2017-6788 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) a… |
| CVE-2017-6786 |
medium |
6.3 |
6.3 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affec… |
| CVE-2017-6785 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in configuration modification permissions validation for Cisco Unified Communications Manager could allow an authenticated, remote attacker to perform a horizontal privilege escalatio… |
| CVE-2017-6783 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attack… |
| CVE-2017-6782 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to modify a page in the web interface of the affected application. The … |
| CVE-2017-6781 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the management of shell user accounts for Cisco Policy Suite (CPS) Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affect… |
| CVE-2017-6778 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the Elastic Services Controller (ESC) web interface of the Cisco Ultra Services Platform could allow an authenticated, remote attacker to acquire sensitive information. The vulnera… |
| CVE-2017-6777 |
medium |
4.9 |
4.9 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire sensitive system information. The vulnerability is due to i… |
| CVE-2017-6776 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the we… |
| CVE-2017-6775 |
medium |
5.7 |
5.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to a… |
| CVE-2017-6774 |
medium |
5.0 |
5.0 |
|
|
cisco |
9y ago |
A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system fi… |
| CVE-2017-6773 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions a… |
| CVE-2017-6772 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to insufficient protection of sensitiv… |
| CVE-2017-6770 |
medium |
4.2 |
4.2 |
|
|
cisco |
9y ago |
Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open S… |
| CVE-2017-6769 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of the Cisco Secure Access Control System (ACS) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) atta… |
| CVE-2017-6762 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Jabber Guest Server 10.6(9), 11.0(0), and 11.0(1) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS… |
| CVE-2017-6761 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Finesse 10.6(1) and 11.5(1) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a use… |
| CVE-2017-6759 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool 12.1 could allow an authenticated, remote attacker to write arbitrary files as root on the system. The vulnera… |
| CVE-2017-6758 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Unified Communications Manager 11.5(1.10000.6) could allow an authenticated, remote attacker to access arbitrary files in the context of the web root dir… |
| CVE-2017-6754 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of the Cisco Smart Net Total Care (SNTC) Software Collector Appliance 3.11 could allow an authenticated, remote attacker to perform a read-only, … |
| CVE-2017-6747 |
critical |
9.8 |
9.8 |
|
|
cisco |
9y ago |
A vulnerability in the authentication module of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to bypass local authentication. The vulnerability is due to improp… |
| CVE-2017-6755 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning (PCP) Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a use… |
| CVE-2017-6749 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against… |
| CVE-2017-6748 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must… |
| CVE-2015-0674 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
Cross-site scripting (XSS) vulnerability in the Alert Service of Cisco Cloud Web Security base revision allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. |
| CVE-2017-6735 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the backup and restore functionality of Cisco FireSIGHT System Software could allow an authenticated, local attacker to execute arbitrary code on a targeted system. More Informatio… |
| CVE-2017-6734 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack aga… |
| CVE-2017-6733 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS… |
| CVE-2017-6732 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. More Information: CSCvd4734… |
| CVE-2017-6730 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web-based GUI of Cisco Wide Area Application Services (WAAS) Central Manager could allow an unauthenticated, remote attacker to retrieve completed reports from an affected syst… |
| CVE-2017-6727 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the Server Message Block (SMB) protocol of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition … |
| CVE-2017-6726 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential i… |
| CVE-2017-6714 |
critical |
9.8 |
9.8 |
|
|
cisco |
9y ago |
A vulnerability in the AutoIT service of Cisco Ultra Services Framework Staging Server could allow an unauthenticated, remote attacker to execute arbitrary shell commands as the Linux root user. The … |
| CVE-2017-6713 |
critical |
9.8 |
9.8 |
|
|
cisco |
9y ago |
A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to gain full access to the affected system. The vulnerability is due t… |
| CVE-2017-6711 |
critical |
9.1 |
9.1 |
|
|
cisco |
9y ago |
A vulnerability in the Ultra Automation Service (UAS) of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device. The vulne… |
| CVE-2017-6709 |
critical |
9.8 |
9.8 |
|
|
cisco |
9y ago |
A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller (… |
| CVE-2017-6708 |
critical |
9.8 |
9.8 |
|
|
cisco |
9y ago |
A vulnerability in the symbolic link (symlink) creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive file… |
| CVE-2017-6725 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6724 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6722 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of Cisco Unified Contact Center Express (UCCx) could allow an unauthenticated, remote attacker to masquerade as a legi… |
| CVE-2017-6721 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause the WAASNET process to rest… |
| CVE-2017-6717 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6716 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of th… |
| CVE-2017-6715 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6706 |
medium |
5.1 |
5.1 |
|
|
cisco |
9y ago |
A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. More Information: CSCvd072… |
| CVE-2017-6705 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the filesystem of the Cisco Prime Collaboration Provisioning tool could allow an authenticated, local attacker to acquire sensitive information. More Information: CSCvc82973. Known… |
| CVE-2017-6704 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attack… |
| CVE-2017-6703 |
medium |
5.9 |
5.9 |
|
|
cisco |
9y ago |
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session. More Information: CSCvc9034… |
| CVE-2017-6702 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affe… |
| CVE-2017-6701 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) atta… |
| CVE-2017-6700 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a D… |
| CVE-2017-6699 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a r… |
| CVE-2017-6698 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) SQL database interface could allow an authenticated, remote attacker to impact the confidentiali… |
| CVE-2017-6605 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a reflective cross-site scripting (XSS) attack a… |
| CVE-2017-6697 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive system credentials that are stored in an affected system. … |
| CVE-2017-6696 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the file system of Cisco Elastic Services Controllers could allow an authenticated, local attacker to gain access to sensitive user credentials that are stored in an affected syste… |
| CVE-2017-6695 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD server in Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive information. More Information: CSCvd29398. Known Affected Releases:… |
| CVE-2017-6694 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the Virtual Network Function Manager's (VNFM) logging function of Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive data (cleartext crede… |
| CVE-2017-6693 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local attacker to access information stored in the file system of an affected system,… |
| CVE-2017-6691 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive information on an affected system. More Information: CSCvd2940… |
| CVE-2017-6690 |
medium |
4.9 |
4.9 |
|
|
cisco |
9y ago |
A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite o… |
| CVE-2017-6675 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Industrial Network Director could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against an affected … |
| CVE-2017-6673 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Firepower Management Center could allow an authenticated, remote attacker to obtain user information. An attacker could use this information to perform reconnaissance. More I… |
| CVE-2017-6670 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based GUI of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect is… |
| CVE-2017-6668 |
medium |
4.9 |
4.9 |
|
|
cisco |
9y ago |
Vulnerabilities in the web-based GUI of Cisco Unified Communications Domain Manager (CUCDM) could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbi… |
| CVE-2017-6667 |
critical |
9.8 |
9.8 |
|
|
cisco |
9y ago |
A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote attacker to execute arbitrary code on… |
| CVE-2017-6661 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to … |
| CVE-2017-6656 |
medium |
5.9 |
5.9 |
|
|
cisco |
9y ago |
A vulnerability in Session Initiation Protocol (SIP) call handling of Cisco IP Phone 8800 Series devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition d… |
| CVE-2017-6655 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) conditio… |
| CVE-2017-6640 |
critical |
9.8 |
9.8 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote attacker to log in to the administrative console of a DCNM server by using an account… |
| CVE-2017-6639 |
critical |
9.8 |
9.8 |
|
|
cisco |
9y ago |
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to access sensitive information… |
| CVE-2017-6654 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Unified Communications Manager 10.5 through 11.5 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)… |
| CVE-2017-6647 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Temporary File information on an affected syste… |
| CVE-2017-6646 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Order information on an affected system. The vu… |
| CVE-2017-6645 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Virtual Temporary Directory information on an a… |
| CVE-2017-6644 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerab… |
| CVE-2017-6643 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Virtual Directory information on an affected sy… |
| CVE-2017-6642 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerab… |
| CVE-2017-6637 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to delete any file from an affected syste… |
| CVE-2017-6636 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to view any file on an affected system. T… |
| CVE-2017-6635 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 12.1) could allow an authenticated, remote attacker to delete any file from an affected syste… |
| CVE-2017-6622 |
critical |
9.8 |
10.0 |
EXP |
|
cisco |
9y ago |
A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privil… |
| CVE-2017-3882 |
critical |
9.6 |
9.6 |
|
|
cisco |
9y ago |
A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or … |
| CVE-2017-6629 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the ImageID parameter of Cisco Unity Connection 10.5(2) could allow an unauthenticated, remote attacker to access files in arbitrary locations on the filesystem of an affected devi… |
| CVE-2017-6628 |
medium |
6.8 |
6.8 |
|
|
cisco |
9y ago |
A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of s… |
| CVE-2017-6626 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise (UCCE) 11.5(1) and 11.6(1) could allow an unauthenticated, remote attacker to retrieve informatio… |
| CVE-2017-6618 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack. The vulnerab… |
| CVE-2017-6617 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the session identification management functionality of the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an unauthenticated, remote attacker to … |
| CVE-2017-6614 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file… |
| CVE-2017-6613 |
medium |
5.8 |
5.8 |
|
|
cisco |
9y ago |
A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead t… |
| CVE-2017-6611 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Prime Infrastructure 2.2(2) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the w… |
| CVE-2017-6604 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerab… |
| CVE-2017-6602 |
medium |
4.4 |
4.4 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an aut… |
| CVE-2017-6598 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security … |
| CVE-2017-3889 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of the Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to redirect a user to a undesired web page, aka an Open Redirect. This vu… |
| CVE-2017-3888 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack ag… |
| CVE-2017-3887 |
medium |
5.9 |
5.9 |
|
|
cisco |
9y ago |
A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of servic… |
