| CVE-2017-6794 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injection and escalate their privileges to root. The attacker m… |
| CVE-2017-6793 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the Inventory Management feature of Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to view sensitive information on the system. The vulne… |
| CVE-2017-6792 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the batch provisioning feature in Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to overwrite system files as root. The vulnerability is … |
| CVE-2017-6791 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the Trust Verification Service (TVS) of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affe… |
| CVE-2017-6789 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco Unified Intelligence Center web interface could allow an unauthenticated, remote attacker to impact the integrity of the system by executing a Document Object Model (DOM)… |
| CVE-2017-6780 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the TCP throttling process for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to cause the system to consume additional memory, eventual… |
| CVE-2017-12227 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the SQL database interface for Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a blind SQL injection attack. The vulnerability is due to a failur… |
| CVE-2017-12225 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow an authenticated, remote attacker to hijack another user's administrative session, aka a Session Fixati… |
| CVE-2017-12224 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the ability for guest users to join meetings via a hyperlink with Cisco Meeting Server could allow an authenticated, remote attacker to enter a meeting with a hyperlink URL, even t… |
| CVE-2017-12221 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-12220 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack aga… |
| CVE-2017-12216 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. The vu… |
| CVE-2017-12212 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web inter… |
| CVE-2017-6790 |
medium |
6.8 |
6.8 |
|
|
cisco |
9y ago |
A vulnerability in the Session Initiation Protocol (SIP) on the Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) … |
| CVE-2017-6788 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) a… |
| CVE-2017-6786 |
medium |
6.3 |
6.3 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affec… |
| CVE-2017-6785 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in configuration modification permissions validation for Cisco Unified Communications Manager could allow an authenticated, remote attacker to perform a horizontal privilege escalatio… |
| CVE-2017-6783 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attack… |
| CVE-2017-6782 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to modify a page in the web interface of the affected application. The … |
| CVE-2017-6781 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the management of shell user accounts for Cisco Policy Suite (CPS) Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affect… |
| CVE-2017-6778 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the Elastic Services Controller (ESC) web interface of the Cisco Ultra Services Platform could allow an authenticated, remote attacker to acquire sensitive information. The vulnera… |
| CVE-2017-6777 |
medium |
4.9 |
4.9 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire sensitive system information. The vulnerability is due to i… |
| CVE-2017-6776 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the we… |
| CVE-2017-6775 |
medium |
5.7 |
5.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to a… |
| CVE-2017-6774 |
medium |
5.0 |
5.0 |
|
|
cisco |
9y ago |
A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system fi… |
| CVE-2017-6773 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions a… |
| CVE-2017-6772 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to insufficient protection of sensitiv… |
| CVE-2017-6771 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. The vulnerability is due to insu… |
| CVE-2017-6768 |
high |
7.8 |
7.8 |
|
|
cisco |
9y ago |
A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, lo… |
| CVE-2017-6767 |
high |
7.1 |
7.1 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to gain higher privileges than the account is assigned. The attacker will be… |
| CVE-2017-6710 |
high |
8.1 |
8.1 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco Virtual Network Function (VNF) Element Manager could allow an authenticated, remote attacker to elevate privileges and run commands in the context of the root user on the… |
| CVE-2017-6770 |
medium |
4.2 |
4.2 |
|
|
cisco |
9y ago |
Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open S… |
| CVE-2017-6769 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of the Cisco Secure Access Control System (ACS) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) atta… |
| CVE-2017-6766 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software 5.4.0, 5.4.1, 6.0.0, 6.1.0, 6.2.0, 6.2.1, and 6.2.2 could allow an unauthenticat… |
| CVE-2017-6763 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the implementation of the H.264 protocol in Cisco Meeting Server (CMS) 2.1.4 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affe… |
| CVE-2017-6762 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Jabber Guest Server 10.6(9), 11.0(0), and 11.0(1) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS… |
| CVE-2017-6761 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Finesse 10.6(1) and 11.5(1) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a use… |
| CVE-2017-6759 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool 12.1 could allow an authenticated, remote attacker to write arbitrary files as root on the system. The vulnera… |
| CVE-2017-6758 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Unified Communications Manager 11.5(1.10000.6) could allow an authenticated, remote attacker to access arbitrary files in the context of the web root dir… |
| CVE-2017-6757 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5), 11.0(1.10000.10), and 11.5(1.10000.6) could allow an authenticated, remote attacker to conduct a blind SQL injection attack. T… |
| CVE-2017-6756 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool through 12.2 could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerabilit… |
| CVE-2017-6754 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of the Cisco Smart Net Total Care (SNTC) Software Collector Appliance 3.11 could allow an authenticated, remote attacker to perform a read-only, … |
| CVE-2017-6745 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condit… |
| CVE-2011-4650 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
Cisco Data Center Network Manager is affected by Excessive Logging During a TCP Flood on Java Ports. If the size of server.log becomes very big because of too much logging by the DCNM server, then th… |
| CVE-2017-6755 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning (PCP) Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a use… |
| CVE-2017-6753 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected b… |
| CVE-2017-6751 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected… |
| CVE-2017-6750 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticate… |
| CVE-2017-6749 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against… |
| CVE-2017-6748 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must… |
| CVE-2017-6746 |
high |
7.2 |
7.2 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. The attacker … |
| CVE-2017-6672 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in certain filtering mechanisms of access control lists (ACLs) for Cisco ASR 5000 Series Aggregation Services Routers through 21.x could allow an unauthenticated, remote attacker to b… |
| CVE-2017-6612 |
high |
8.6 |
8.6 |
|
|
cisco |
9y ago |
A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033 through 21.1.2 could allow an unauthenticated, remote attacker to redirect H… |
| CVE-2015-0674 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
Cross-site scripting (XSS) vulnerability in the Alert Service of Cisco Cloud Web Security base revision allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. |
| CVE-2017-6735 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the backup and restore functionality of Cisco FireSIGHT System Software could allow an authenticated, local attacker to execute arbitrary code on a targeted system. More Informatio… |
| CVE-2017-6734 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack aga… |
| CVE-2017-6733 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS… |
| CVE-2017-6732 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. More Information: CSCvd4734… |
| CVE-2017-6730 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web-based GUI of Cisco Wide Area Application Services (WAAS) Central Manager could allow an unauthenticated, remote attacker to retrieve completed reports from an affected syst… |
| CVE-2017-6729 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the Border Gateway Protocol (BGP) processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core (VPC) Software c… |
| CVE-2017-6727 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the Server Message Block (SMB) protocol of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition … |
| CVE-2017-6726 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential i… |
| CVE-2017-6712 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in certain commands of Cisco Elastic Services Controller could allow an authenticated, remote attacker to elevate privileges to root and run dangerous commands on the server. The vuln… |
| CVE-2017-6725 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6724 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6722 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of Cisco Unified Contact Center Express (UCCx) could allow an unauthenticated, remote attacker to masquerade as a legi… |
| CVE-2017-6721 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause the WAASNET process to rest… |
| CVE-2017-6717 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6716 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of th… |
| CVE-2017-6715 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-6706 |
medium |
5.1 |
5.1 |
|
|
cisco |
9y ago |
A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. More Information: CSCvd072… |
| CVE-2017-6705 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the filesystem of the Cisco Prime Collaboration Provisioning tool could allow an authenticated, local attacker to acquire sensitive information. More Information: CSCvc82973. Known… |
| CVE-2017-6704 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attack… |
| CVE-2017-6703 |
medium |
5.9 |
5.9 |
|
|
cisco |
9y ago |
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session. More Information: CSCvc9034… |
| CVE-2017-6702 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affe… |
| CVE-2017-6701 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) atta… |
| CVE-2017-6700 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a D… |
| CVE-2017-6699 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a r… |
| CVE-2017-6698 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) SQL database interface could allow an authenticated, remote attacker to impact the confidentiali… |
| CVE-2017-6605 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a reflective cross-site scripting (XSS) attack a… |
| CVE-2017-6678 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote att… |
| CVE-2017-6669 |
high |
7.8 |
7.8 |
|
|
cisco |
9y ago |
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files. An attacker could exploit these vulnerabilities by providing a us… |
| CVE-2017-6662 |
high |
8.0 |
8.0 |
|
|
cisco |
9y ago |
A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker read and write access … |
| CVE-2017-6697 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive system credentials that are stored in an affected system. … |
| CVE-2017-6696 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the file system of Cisco Elastic Services Controllers could allow an authenticated, local attacker to gain access to sensitive user credentials that are stored in an affected syste… |
| CVE-2017-6695 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD server in Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive information. More Information: CSCvd29398. Known Affected Releases:… |
| CVE-2017-6694 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the Virtual Network Function Manager's (VNFM) logging function of Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive data (cleartext crede… |
| CVE-2017-6693 |
medium |
5.5 |
5.5 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local attacker to access information stored in the file system of an affected system,… |
| CVE-2017-6692 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker to log in to the device with the privileges of the root user, aka an Insecure Default A… |
| CVE-2017-6691 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive information on an affected system. More Information: CSCvd2940… |
| CVE-2017-6690 |
medium |
4.9 |
4.9 |
|
|
cisco |
9y ago |
A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite o… |
| CVE-2017-6689 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the admin user, aka an Insecure Default Adminis… |
| CVE-2017-6688 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux root user, aka an Insecure Default Password Vulnerabil… |
| CVE-2017-6687 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default cr… |
| CVE-2017-6686 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affecte… |
| CVE-2017-6685 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device,… |
| CVE-2017-6684 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux admin user, aka an Insecure Default Credentials Vulner… |
| CVE-2017-6683 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in the esc_listener.py script of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to execute arbitrary commands as the tomcat user on an affected syste… |
| CVE-2017-6682 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to run arbitrary commands as the Linux tomcat user on an affected system. More Inf… |
| CVE-2017-6681 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to execute a relative path traversal attack, enabling an attacker… |
