| CVE-2017-6777 |
medium |
4.9 |
4.9 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire sensitive system information. The vulnerability is due to i… |
| CVE-2017-6776 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the we… |
| CVE-2017-6775 |
medium |
5.7 |
5.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to a… |
| CVE-2017-6774 |
medium |
5.0 |
5.0 |
|
|
cisco |
9y ago |
A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system fi… |
| CVE-2017-6773 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions a… |
| CVE-2017-6772 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to insufficient protection of sensitiv… |
| CVE-2017-6770 |
medium |
4.2 |
4.2 |
|
|
cisco |
9y ago |
Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open S… |
| CVE-2017-6769 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of the Cisco Secure Access Control System (ACS) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) atta… |
| CVE-2017-6762 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Jabber Guest Server 10.6(9), 11.0(0), and 11.0(1) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS… |
| CVE-2017-6761 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Finesse 10.6(1) and 11.5(1) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a use… |
| CVE-2017-6759 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool 12.1 could allow an authenticated, remote attacker to write arbitrary files as root on the system. The vulnera… |
| CVE-2017-6758 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Unified Communications Manager 11.5(1.10000.6) could allow an authenticated, remote attacker to access arbitrary files in the context of the web root dir… |
| CVE-2017-6754 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of the Cisco Smart Net Total Care (SNTC) Software Collector Appliance 3.11 could allow an authenticated, remote attacker to perform a read-only, … |
| CVE-2017-6755 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning (PCP) Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a use… |
| CVE-2017-6749 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against… |
| CVE-2017-6748 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must… |
| CVE-2015-0674 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
Cross-site scripting (XSS) vulnerability in the Alert Service of Cisco Cloud Web Security base revision allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. |
| CVE-2017-6735 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the backup and restore functionality of Cisco FireSIGHT System Software could allow an authenticated, local attacker to execute arbitrary code on a targeted system. More Informatio… |
| CVE-2017-6734 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack aga… |
| CVE-2017-6733 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS… |
| CVE-2017-6732 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. More Information: CSCvd4734… |
| CVE-2017-6730 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web-based GUI of Cisco Wide Area Application Services (WAAS) Central Manager could allow an unauthenticated, remote attacker to retrieve completed reports from an affected syst… |
| CVE-2017-6727 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the Server Message Block (SMB) protocol of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition … |
| CVE-2017-6726 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential i… |
| CVE-2017-6725 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6724 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6722 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of Cisco Unified Contact Center Express (UCCx) could allow an unauthenticated, remote attacker to masquerade as a legi… |
| CVE-2017-6721 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause the WAASNET process to rest… |
| CVE-2017-6717 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6716 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of th… |
| CVE-2017-6715 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6706 |
medium |
5.1 |
5.1 |
|
|
cisco |
9y ago |
A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. More Information: CSCvd072… |
| CVE-2017-6705 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the filesystem of the Cisco Prime Collaboration Provisioning tool could allow an authenticated, local attacker to acquire sensitive information. More Information: CSCvc82973. Known… |
| CVE-2017-6704 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attack… |
| CVE-2017-6703 |
medium |
5.9 |
5.9 |
|
|
cisco |
9y ago |
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session. More Information: CSCvc9034… |
| CVE-2017-6702 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affe… |
| CVE-2017-6701 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) atta… |
| CVE-2017-6700 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a D… |
| CVE-2017-6699 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a r… |
| CVE-2017-6698 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) SQL database interface could allow an authenticated, remote attacker to impact the confidentiali… |
| CVE-2017-6605 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a reflective cross-site scripting (XSS) attack a… |
| CVE-2017-6697 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive system credentials that are stored in an affected system. … |
| CVE-2017-6696 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the file system of Cisco Elastic Services Controllers could allow an authenticated, local attacker to gain access to sensitive user credentials that are stored in an affected syste… |
| CVE-2017-6695 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD server in Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive information. More Information: CSCvd29398. Known Affected Releases:… |
| CVE-2017-6694 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the Virtual Network Function Manager's (VNFM) logging function of Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive data (cleartext crede… |
| CVE-2017-6693 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local attacker to access information stored in the file system of an affected system,… |
| CVE-2017-6691 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive information on an affected system. More Information: CSCvd2940… |
| CVE-2017-6690 |
medium |
4.9 |
4.9 |
|
|
cisco |
9y ago |
A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite o… |
| CVE-2017-6675 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Industrial Network Director could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against an affected … |
| CVE-2017-6673 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Firepower Management Center could allow an authenticated, remote attacker to obtain user information. An attacker could use this information to perform reconnaissance. More I… |
| CVE-2017-6670 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based GUI of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect is… |
| CVE-2017-6668 |
medium |
4.9 |
4.9 |
|
|
cisco |
9y ago |
Vulnerabilities in the web-based GUI of Cisco Unified Communications Domain Manager (CUCDM) could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbi… |
| CVE-2017-6661 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to … |
| CVE-2017-6656 |
medium |
5.9 |
5.9 |
|
|
cisco |
9y ago |
A vulnerability in Session Initiation Protocol (SIP) call handling of Cisco IP Phone 8800 Series devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition d… |
| CVE-2017-6655 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) conditio… |
| CVE-2017-6654 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Unified Communications Manager 10.5 through 11.5 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)… |
| CVE-2017-6647 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Temporary File information on an affected syste… |
| CVE-2017-6646 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Order information on an affected system. The vu… |
| CVE-2017-6645 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Virtual Temporary Directory information on an a… |
| CVE-2017-6644 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerab… |
| CVE-2017-6643 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Virtual Directory information on an affected sy… |
| CVE-2017-6642 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerab… |
| CVE-2017-6637 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to delete any file from an affected syste… |
| CVE-2017-6636 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to view any file on an affected system. T… |
| CVE-2017-6635 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 12.1) could allow an authenticated, remote attacker to delete any file from an affected syste… |
| CVE-2017-6629 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the ImageID parameter of Cisco Unity Connection 10.5(2) could allow an unauthenticated, remote attacker to access files in arbitrary locations on the filesystem of an affected devi… |
| CVE-2017-6628 |
medium |
6.8 |
6.8 |
|
|
cisco |
9y ago |
A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of s… |
| CVE-2017-6626 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise (UCCE) 11.5(1) and 11.6(1) could allow an unauthenticated, remote attacker to retrieve informatio… |
| CVE-2017-6618 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack. The vulnerab… |
| CVE-2017-6617 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the session identification management functionality of the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an unauthenticated, remote attacker to … |
| CVE-2017-6614 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file… |
| CVE-2017-6613 |
medium |
5.8 |
5.8 |
|
|
cisco |
9y ago |
A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead t… |
| CVE-2017-6611 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Prime Infrastructure 2.2(2) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the w… |
| CVE-2017-6604 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerab… |
| CVE-2017-6602 |
medium |
4.4 |
4.4 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an aut… |
| CVE-2017-6598 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security … |
| CVE-2017-3889 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of the Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to redirect a user to a undesired web page, aka an Open Redirect. This vu… |
| CVE-2017-3888 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack ag… |
| CVE-2017-3887 |
medium |
5.9 |
5.9 |
|
|
cisco |
9y ago |
A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of servic… |
| CVE-2017-3886 |
medium |
4.9 |
4.9 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco Unified Communications Manager web interface could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries,… |
| CVE-2017-3885 |
medium |
5.9 |
5.9 |
|
|
cisco |
9y ago |
A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of servi… |
| CVE-2017-3884 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to access sensitive data. The att… |
| CVE-2017-3848 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the HTTP web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user … |
| CVE-2017-3817 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for a… |
| CVE-2016-9197 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying o… |
| CVE-2016-9195 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in RADIUS Change of Authorization (CoA) request processing in the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS… |
| CVE-2016-9194 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action frame processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a den… |
| CVE-2017-3880 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More In… |
| CVE-2017-3877 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack agains… |
| CVE-2017-3874 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack. More Informati… |
| CVE-2017-3872 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct XSS a… |
| CVE-2017-3871 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A RADIUS Secret Disclosure vulnerability in the web network management interface of Cisco Prime Optical for Service Providers could allow an authenticated, remote attacker to disclose sensitive infor… |
| CVE-2017-3870 |
medium |
5.8 |
5.8 |
|
|
cisco |
9y ago |
A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. A… |
| CVE-2017-3869 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
An API Credentials Management vulnerability in the APIs for Cisco Prime Infrastructure could allow an authenticated, remote attacker to access an API that should be restricted to a privileged user. T… |
| CVE-2017-3868 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-ba… |
| CVE-2017-3866 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web int… |
| CVE-2017-3815 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
An API Privilege vulnerability in Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to emulate Cisco TelePresence Server endpoints. Affected Products: This vulnerabil… |
| CVE-2017-3811 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
An XML External Entity vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to have read access to part of the information stored in the affected system. More In… |
| CVE-2017-3847 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-3845 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a u… |
