Filtered by vendor Cisco
Subscribe
Total
5838 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4088 | 1 Cisco | 1 Unified Computing System | 2016-09-22 | 4.3 MEDIUM | N/A |
| The FTP server in Cisco Unified Computing System (UCS) has a hardcoded password for an unspecified user account, which makes it easier for remote attackers to read or modify files by leveraging knowledge of this password, aka Bug ID CSCtg20769. | |||||
| CVE-2012-4106 | 1 Cisco | 1 Unified Computing System | 2016-09-22 | 6.8 MEDIUM | N/A |
| The fabric-interconnect component in Cisco Unified Computing System (UCS) uses the same privilege level for execution of every script, which allows local users to gain privileges and execute arbitrary commands via an unspecified script-execution approach, aka Bug ID CSCtq86477. | |||||
| CVE-2012-4099 | 1 Cisco | 1 Nx-os | 2016-09-22 | 4.3 MEDIUM | N/A |
| The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka Bug ID CSCtn13065. | |||||
| CVE-2012-4105 | 1 Cisco | 1 Unified Computing System | 2016-09-22 | 4.6 MEDIUM | N/A |
| The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (component crash) via crafted "debug hardware" parameters, aka Bug ID CSCtq86468. | |||||
| CVE-2012-4097 | 1 Cisco | 1 Nx-os | 2016-09-22 | 4.3 MEDIUM | N/A |
| The BGP implementation in Cisco NX-OS does not properly filter segment types in AS paths, which allows remote attackers to cause a denial of service (BGP service reset) via a malformed UPDATE message, aka Bug ID CSCtn13043. | |||||
| CVE-2012-4093 | 1 Cisco | 1 Unified Computing System | 2016-09-22 | 4.6 MEDIUM | N/A |
| The Manager component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via an invalid Smart Call Home contact address, aka Bug ID CSCtl00186. | |||||
| CVE-2012-4092 | 1 Cisco | 1 Unified Computing System | 2016-09-22 | 5.8 MEDIUM | N/A |
| The management interface in the Central Software component in Cisco Unified Computing System (UCS) does not properly validate the identity of vCenter consoles, which allows man-in-the-middle attackers to read or modify an inter-device data stream by spoofing an identity, aka Bug ID CSCtk00683. | |||||
| CVE-2012-4079 | 1 Cisco | 1 Unified Computing System | 2016-09-22 | 5.0 MEDIUM | N/A |
| The XML API service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service (API service outage) via a malformed XML document in a packet, aka Bug ID CSCtg48206. | |||||
| CVE-2013-5530 | 1 Cisco | 1 Identity Services Engine Software | 2016-09-21 | 9.0 HIGH | N/A |
| The web framework in Cisco Identity Services Engine (ISE) 1.0 and 1.1.0 before 1.1.0.665-5, 1.1.1 before 1.1.1.268-7, 1.1.2 before 1.1.2.145-10, 1.1.3 before 1.1.3.124-7, 1.1.4 before 1.1.4.218-7, and 1.2 before 1.2.0.899-2 allows remote authenticated users to execute arbitrary commands via a crafted session on TCP port 443, aka Bug ID CSCuh81511. | |||||
| CVE-2013-5559 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2016-09-21 | 6.8 MEDIUM | N/A |
| Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139. | |||||
| CVE-2000-0368 | 1 Cisco | 1 Ios | 2016-09-21 | 2.1 LOW | N/A |
| Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data. | |||||
| CVE-2013-5502 | 1 Cisco | 1 Mediasense | 2016-09-20 | 5.0 MEDIUM | N/A |
| The web interface in Cisco MediaSense does not properly protect the client-server communication channel, which allows remote attackers to obtain sensitive query string or cookie information via unspecified vectors, aka Bug ID CSCuj23344. | |||||
| CVE-2013-5486 | 1 Cisco | 1 Prime Data Center Network Manager | 2016-09-16 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to write arbitrary files via the chartid parameter, aka Bug IDs CSCue77035 and CSCue77036. NOTE: this can be leveraged to execute arbitrary commands by using the JBoss autodeploy functionality. | |||||
| CVE-2013-6711 | 1 Cisco | 1 Webex Sales Center | 2016-09-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the product-creation administrative page in Cisco WebEx Sales Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul25540. | |||||
| CVE-2013-6710 | 1 Cisco | 1 Webex Training Center | 2016-09-16 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Training Center allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCul25567. | |||||
| CVE-2013-3448 | 1 Cisco | 1 Webex Meetings Server | 2016-09-16 | 4.0 MEDIUM | N/A |
| Cisco WebEx Meetings Server does not check whether a user account is active, which allows remote authenticated users to bypass intended access restrictions by performing meeting operations after account deactivation, aka Bug ID CSCuh33315. | |||||
| CVE-2013-3437 | 1 Cisco | 1 Unified Operations Manager | 2016-09-16 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179. | |||||
| CVE-2013-3438 | 1 Cisco | 1 Unified Meetingplace Web Conferencing | 2016-09-16 | 5.0 MEDIUM | N/A |
| The web framework in the server in Cisco Unified MeetingPlace Web Conferencing allows remote attackers to bypass intended access restrictions and read unspecified web pages via crafted parameters, aka Bug ID CSCuh86385. | |||||
| CVE-2013-3435 | 1 Cisco | 2 Unified Ip Conference Station 7937g, Unified Ip Conference Station 7937g Firmware | 2016-09-16 | 5.0 MEDIUM | N/A |
| The Cisco Unified IP Conference Station 7937G allows remote attackers to cause a denial of service (networking outage) via a flood of TCP packets, aka Bug ID CSCuh42052. | |||||
| CVE-2013-6981 | 1 Cisco | 1 Ios Xe | 2016-09-15 | 5.4 MEDIUM | N/A |
| Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to cause a denial of service (Packet Processor crash) via fragmented MPLS IP packets, aka Bug ID CSCul00709. | |||||