| CVE-2017-6680 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the AutoVNF logging function of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to create arbitrary directories on the affected system. More Informat… |
| CVE-2017-6675 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Industrial Network Director could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against an affected … |
| CVE-2017-6674 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the feature-license management functionality of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass URL filters that have been configured for … |
| CVE-2017-6673 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Firepower Management Center could allow an authenticated, remote attacker to obtain user information. An attacker could use this information to perform reconnaissance. More I… |
| CVE-2017-6671 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the de… |
| CVE-2017-6670 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based GUI of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect is… |
| CVE-2017-6668 |
medium |
4.9 |
4.9 |
|
|
cisco |
9y ago |
Vulnerabilities in the web-based GUI of Cisco Unified Communications Domain Manager (CUCDM) could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbi… |
| CVE-2017-6661 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to … |
| CVE-2017-6659 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and … |
| CVE-2017-6656 |
medium |
5.9 |
5.9 |
|
|
cisco |
9y ago |
A vulnerability in Session Initiation Protocol (SIP) call handling of Cisco IP Phone 8800 Series devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition d… |
| CVE-2017-6655 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) conditio… |
| CVE-2017-6648 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TeleP… |
| CVE-2017-6638 |
high |
7.8 |
7.8 |
|
|
cisco |
9y ago |
A vulnerability in how DLL files are loaded with Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and run an executable file with privileges… |
| CVE-2017-6654 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Unified Communications Manager 10.5 through 11.5 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)… |
| CVE-2017-6653 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) 2.1(0.474) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) con… |
| CVE-2017-6647 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Temporary File information on an affected syste… |
| CVE-2017-6646 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Order information on an affected system. The vu… |
| CVE-2017-6645 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Virtual Temporary Directory information on an a… |
| CVE-2017-6644 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerab… |
| CVE-2017-6643 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive Virtual Directory information on an affected sy… |
| CVE-2017-6642 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerab… |
| CVE-2017-6641 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the TCP connection handling functionality of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to disable TCP ports and cause a denial of … |
| CVE-2017-6637 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to delete any file from an affected syste… |
| CVE-2017-6636 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to view any file on an affected system. T… |
| CVE-2017-6635 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 12.1) could allow an authenticated, remote attacker to delete any file from an affected syste… |
| CVE-2017-6633 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers 3.0(0.234) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected… |
| CVE-2017-6632 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a … |
| CVE-2017-6652 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device. The vulnerability is due … |
| CVE-2017-6623 |
high |
7.8 |
7.8 |
|
|
cisco |
9y ago |
A vulnerability in a script file that is installed as part of the Cisco Policy Suite (CPS) Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their p… |
| CVE-2017-6621 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to con… |
| CVE-2017-6658 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. The size was off by one making it possible to read past the end of the array with an ether type of… |
| CVE-2017-6657 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Since valid ether type and IP protocol numbers do not overlap, Snort++ stores all protocol decoders in a single array. Th… |
| CVE-2017-6651 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in Cisco WebEx Meetings Server could allow unauthenticated, remote attackers to gain information that could allow them to access scheduled customer meetings. The vulnerability is due … |
| CVE-2017-3825 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the ICMP ingress packet processing of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause the TelePresence endpoint to … |
| CVE-2017-6629 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the ImageID parameter of Cisco Unity Connection 10.5(2) could allow an unauthenticated, remote attacker to access files in arbitrary locations on the filesystem of an affected devi… |
| CVE-2017-6628 |
medium |
6.8 |
6.8 |
|
|
cisco |
9y ago |
A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of s… |
| CVE-2017-6626 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise (UCCE) 11.5(1) and 11.6(1) could allow an unauthenticated, remote attacker to retrieve informatio… |
| CVE-2017-6625 |
high |
7.1 |
7.1 |
|
|
cisco |
9y ago |
A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the access control policy of Cisco Firepower System Software could allow … |
| CVE-2017-6619 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. The vul… |
| CVE-2017-6618 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack. The vulnerab… |
| CVE-2017-6617 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the session identification management functionality of the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an unauthenticated, remote attacker to … |
| CVE-2017-6616 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary code on an affected system. The vulnera… |
| CVE-2017-6614 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file… |
| CVE-2017-6613 |
medium |
5.8 |
5.8 |
|
|
cisco |
9y ago |
A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead t… |
| CVE-2017-6611 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Prime Infrastructure 2.2(2) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the w… |
| CVE-2017-3808 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Communications Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to cause a d… |
| CVE-2016-6368 |
high |
8.6 |
8.6 |
|
|
cisco |
9y ago |
A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a de… |
| CVE-2017-6604 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerab… |
| CVE-2017-6602 |
medium |
4.4 |
4.4 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an aut… |
| CVE-2017-6601 |
high |
7.1 |
7.1 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an… |
| CVE-2017-6600 |
high |
7.8 |
7.8 |
|
|
cisco |
9y ago |
A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an… |
| CVE-2017-6598 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security … |
| CVE-2017-6597 |
high |
7.8 |
7.8 |
|
|
cisco |
9y ago |
A vulnerability in the local-mgmt CLI command of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appli… |
| CVE-2017-3889 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of the Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to redirect a user to a undesired web page, aka an Open Redirect. This vu… |
| CVE-2017-3888 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack ag… |
| CVE-2017-3887 |
medium |
5.9 |
5.9 |
|
|
cisco |
9y ago |
A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of servic… |
| CVE-2017-3886 |
medium |
4.9 |
4.9 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco Unified Communications Manager web interface could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries,… |
| CVE-2017-3885 |
medium |
5.9 |
5.9 |
|
|
cisco |
9y ago |
A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of servi… |
| CVE-2017-3884 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to access sensitive data. The att… |
| CVE-2017-3848 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the HTTP web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user … |
| CVE-2017-3817 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for a… |
| CVE-2016-9197 |
medium |
6.7 |
6.7 |
|
|
cisco |
9y ago |
A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying o… |
| CVE-2016-9195 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in RADIUS Change of Authorization (CoA) request processing in the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS… |
| CVE-2016-9194 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action frame processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a den… |
| CVE-2017-3852 |
high |
8.1 |
8.1 |
|
|
cisco |
9y ago |
A vulnerability in the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in… |
| CVE-2017-3851 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A Directory Traversal vulnerability in the web framework code of the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an unauthenticated, remot… |
| CVE-2017-3880 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More In… |
| CVE-2017-3877 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack agains… |
| CVE-2017-3874 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack. More Informati… |
| CVE-2017-3872 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct XSS a… |
| CVE-2017-3871 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A RADIUS Secret Disclosure vulnerability in the web network management interface of Cisco Prime Optical for Service Providers could allow an authenticated, remote attacker to disclose sensitive infor… |
| CVE-2017-3870 |
medium |
5.8 |
5.8 |
|
|
cisco |
9y ago |
A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. A… |
| CVE-2017-3869 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
An API Credentials Management vulnerability in the APIs for Cisco Prime Infrastructure could allow an authenticated, remote attacker to access an API that should be restricted to a privileged user. T… |
| CVE-2017-3868 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-ba… |
| CVE-2017-3866 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework code of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web int… |
| CVE-2017-3815 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
An API Privilege vulnerability in Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to emulate Cisco TelePresence Server endpoints. Affected Products: This vulnerabil… |
| CVE-2017-3811 |
medium |
6.5 |
6.5 |
|
|
cisco |
9y ago |
An XML External Entity vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to have read access to part of the information stored in the affected system. More In… |
| CVE-2017-3846 |
high |
8.6 |
8.6 |
|
|
cisco |
9y ago |
A vulnerability in the Client Manager Server of Cisco Workload Automation and Cisco Tidal Enterprise Scheduler could allow an unauthenticated, remote attacker to retrieve any file from the Client Man… |
| CVE-2017-3819 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Pack… |
| CVE-2017-3847 |
medium |
5.4 |
5.4 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf… |
| CVE-2017-3845 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a u… |
| CVE-2017-3844 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files. … |
| CVE-2017-3843 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in the file download functions for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to download system files that should be restricted. More Informati… |
| CVE-2017-3842 |
medium |
5.3 |
5.3 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of the Cisco Intrusion Prevention System Device Manager (IDM) could allow an unauthenticated, remote attacker to view sensitive information store… |
| CVE-2017-3841 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to disclose sensitive information. More Information: CSCvc04854. K… |
| CVE-2017-3840 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect V… |
| CVE-2017-3839 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
An XML External Entity vulnerability in the web-based user interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to have read access to part of the… |
| CVE-2017-3838 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to conduct a DOM-based cross-site scripting (XSS) attack against the user of the web interf… |
| CVE-2017-3837 |
high |
8.1 |
8.1 |
|
|
cisco |
9y ago |
An HTTP Packet Processing vulnerability in the Web Bridge interface of the Cisco Meeting Server (CMS), formerly Acano Conferencing Server, could allow an authenticated, remote attacker to retrieve me… |
| CVE-2017-3836 |
medium |
4.3 |
4.3 |
|
|
cisco |
9y ago |
A vulnerability in the web framework Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. More Information: CSCvb61689. Known Affected Releases… |
| CVE-2017-3835 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in the sponsor portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access notices owned by other users, because of SQL Injection. More Info… |
| CVE-2017-3833 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web i… |
| CVE-2017-3830 |
high |
7.5 |
7.5 |
|
|
cisco |
9y ago |
A vulnerability in an internal API of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected appliance. More Infor… |
| CVE-2017-3829 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack a… |
| CVE-2017-3828 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack a… |
| CVE-2017-3827 |
medium |
5.8 |
5.8 |
|
|
cisco |
9y ago |
A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauth… |
| CVE-2017-3821 |
medium |
6.1 |
6.1 |
|
|
cisco |
9y ago |
A vulnerability in the serviceability page of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks. More Inform… |
| CVE-2017-3801 |
high |
8.8 |
8.8 |
|
|
cisco |
9y ago |
A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile, a Privil… |
| CVE-2017-3813 |
high |
7.8 |
8.8 |
EXP |
|
cisco |
9y ago |
A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with th… |
| CVE-2017-3822 |
medium |
5.3 |
5.3 |
|
|
cisco |
10y ago |
A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the aud… |
