Filtered by vendor Cisco
Subscribe
Total
5838 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-8007 | 1 Cisco | 1 Prime Infrastructure | 2017-01-02 | 4.0 MEDIUM | N/A |
| Cisco Prime Infrastructure allows remote authenticated users to read device-discovery passwords by examining the HTML source code of the Quick Discovery options page, aka Bug ID CSCum00019. | |||||
| CVE-2014-8015 | 1 Cisco | 1 Identity Services Engine Software | 2017-01-02 | 4.0 MEDIUM | N/A |
| The Sponsor Portal in Cisco Identity Services Engine (ISE) allows remote authenticated users to obtain access to an arbitrary sponsor's guest account via a modified HTTP request, aka Bug ID CSCur64400. | |||||
| CVE-2014-8008 | 1 Cisco | 1 Unified Communications Manager | 2017-01-02 | 6.8 MEDIUM | N/A |
| Absolute path traversal vulnerability in the Real-Time Monitoring Tool (RTMT) API in Cisco Unified Communications Manager (CUCM) allows remote authenticated users to read arbitrary files via a full pathname in an API command, aka Bug ID CSCur49414. | |||||
| CVE-2014-8010 | 1 Cisco | 1 Unified Communications Domain Manager | 2017-01-02 | 6.5 MEDIUM | N/A |
| The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated administrators to execute arbitrary OS commands via crafted values, aka Bug ID CSCuq50205. | |||||
| CVE-2014-8012 | 1 Cisco | 1 Adaptive Security Appliance Software | 2017-01-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via crafted attributes in a cookie, aka Bug ID CSCuh24695. | |||||
| CVE-2014-8014 | 1 Cisco | 1 Ios Xr | 2017-01-02 | 5.0 MEDIUM | N/A |
| Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCub63710. | |||||
| CVE-2014-8017 | 1 Cisco | 1 Identity Services Engine Software | 2017-01-02 | 5.0 MEDIUM | N/A |
| The periodic-backup feature in Cisco Identity Services Engine (ISE) allows remote attackers to discover backup-encryption passwords via a crafted request that triggers inclusion of a password in a reply, aka Bug ID CSCur41673. | |||||
| CVE-2014-8018 | 1 Cisco | 1 Unified Communications Domain Manager | 2017-01-02 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages in the Application Software in Cisco Unified Communications Domain Manager 8 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCur19651, CSCur18555, CSCur19630, and CSCur19661. | |||||
| CVE-2014-8019 | 1 Cisco | 1 Enterprise Content Delivery System | 2017-01-02 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cisco Enterprise Content Delivery System (ECDS) allows remote attackers to read arbitrary files via a crafted URL, aka Bug ID CSCuo90148. | |||||
| CVE-2014-8024 | 1 Cisco | 1 Jabber Guest | 2017-01-02 | 4.3 MEDIUM | N/A |
| The API in the Guest Server in Cisco Jabber, when the HTML5 CORS feature is used, allows remote attackers to obtain sensitive information by sniffing the network during an HTTP (1) GET or (2) POST request, aka Bug ID CSCus19789. | |||||
| CVE-2014-8025 | 1 Cisco | 1 Jabber Guest | 2017-01-02 | 4.3 MEDIUM | N/A |
| The API in the Guest Server in Cisco Jabber, when HTML5 is used, allows remote attackers to obtain sensitive information by sniffing the network during an HTTP (1) GET or (2) POST response, aka Bug ID CSCus19801. | |||||
| CVE-2014-8026 | 1 Cisco | 1 Jabber Guest | 2017-01-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Guest Server in Cisco Jabber allows remote attackers to inject arbitrary web script or HTML via a (1) GET or (2) POST parameter, aka Bug ID CSCus08074. | |||||
| CVE-2016-1320 | 1 Cisco | 1 Prime Collaboration | 2016-12-29 | 6.8 MEDIUM | 6.7 MEDIUM |
| The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users to execute arbitrary OS commands as root by leveraging administrator privileges, aka Bug ID CSCux69286. | |||||
| CVE-2016-9217 | 1 Cisco | 1 Intercloud Fabric | 2016-12-29 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers could allow an unauthenticated, remote attacker to connect to the database used by these products. More Information: CSCus99394. Known Affected Releases: 7.3(0)ZN(0.99). | |||||
| CVE-2015-6294 | 1 Cisco | 2 Ios, Ios Xe | 2016-12-29 | 6.1 MEDIUM | N/A |
| Cisco IOS 15.2(3)E and earlier and IOS XE 3.6(2)E and earlier allow remote attackers to cause a denial of service (functionality loss) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuu25770. | |||||
| CVE-2015-6295 | 1 Cisco | 8 Nexus 9000, Nexus 93120tx, Nexus 93128tx and 5 more | 2016-12-29 | 4.8 MEDIUM | N/A |
| Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560. | |||||
| CVE-2015-6296 | 1 Cisco | 1 Prime Network Registrar | 2016-12-29 | 7.2 HIGH | N/A |
| Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allows local users to obtain root access by leveraging knowledge of the credentials, aka Bug ID CSCuw21825. | |||||
| CVE-2015-6297 | 1 Cisco | 7 Asr 9001, Asr 9006, Asr 9010 and 4 more | 2016-12-29 | 5.0 MEDIUM | N/A |
| The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun36525. | |||||
| CVE-2015-6299 | 1 Cisco | 1 Unity Connection | 2016-12-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the web interface in Cisco Unity Connection 9.1(1.2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted POST request, aka Bug ID CSCuv63824. | |||||
| CVE-2015-6300 | 1 Cisco | 1 Secure Access Control Server | 2016-12-29 | 4.0 MEDIUM | N/A |
| Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) allows remote authenticated users to cause a denial of service (SSH screen process crash) via crafted (1) CLI or (2) GUI commands, aka Bug ID CSCuw24694. | |||||