Filtered by vendor Cisco
Subscribe
Total
5838 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-3287 | 1 Cisco | 1 Unified Communications Manager | 2016-09-07 | 4.0 MEDIUM | N/A |
| SQL injection vulnerability in BulkViewFileContentsAction.java in the Java interface in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to execute arbitrary SQL commands via crafted filename parameters in a URL, aka Bug ID CSCuo17337. | |||||
| CVE-2014-3286 | 1 Cisco | 1 Webex Meetings Server | 2016-09-07 | 5.0 MEDIUM | N/A |
| The web framework in Cisco WebEx Meeting Server does not properly restrict the content of reply messages, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug IDs CSCuj81685, CSCuj81688, CSCuj81665, CSCuj81744, and CSCuj81661. | |||||
| CVE-2014-3285 | 1 Cisco | 1 Wide Area Application Services | 2016-09-07 | 5.0 MEDIUM | N/A |
| Cisco Wide Area Application Services (WAAS) 5.3(.5a) and earlier, when SharePoint acceleration is enabled, does not properly parse SharePoint responses, which allows remote attackers to cause a denial of service (application-optimization handler reload) via a crafted SharePoint application, aka Bug ID CSCue47674. | |||||
| CVE-2014-3283 | 1 Cisco | 1 Unified Communications Domain Manager | 2016-09-07 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in Self-Care Client Portal applications in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID CSCun79731. | |||||
| CVE-2014-2199 | 1 Cisco | 6 Webex Business Suite, Webex Event Center, Webex Meeting Center and 3 more | 2016-09-07 | 5.0 MEDIUM | N/A |
| meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server 1.5(.1.131) and earlier, and WebEx Business Suite (WBS) 27 before 27.32.31.16, 28 before 28.12.13.18, and 29 before 29.5.1.12 allows remote attackers to obtain sensitive meeting information by leveraging knowledge of a meeting identifier, aka Bug IDs CSCuo68624 and CSCue46738. | |||||
| CVE-2014-3280 | 1 Cisco | 1 Unified Communications Domain Manager | 2016-09-07 | 4.0 MEDIUM | N/A |
| The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain potentially sensitive user information by visiting an unspecified Administration GUI web page, aka Bug IDs CSCun46045 and CSCun46116. | |||||
| CVE-2014-3282 | 1 Cisco | 1 Unified Communications Domain Manager | 2016-09-07 | 4.0 MEDIUM | N/A |
| The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive number-translation information by leveraging Location Administrator privileges and entering a crafted URL, aka Bug ID CSCum76930. | |||||
| CVE-2014-2196 | 1 Cisco | 1 Wide Area Application Services | 2016-09-07 | 9.3 HIGH | N/A |
| Cisco Wide Area Application Services (WAAS) 5.1.1 before 5.1.1e, when SharePoint prefetch optimization is enabled, allows remote SharePoint servers to execute arbitrary code via a malformed response, aka Bug ID CSCue18479. | |||||
| CVE-2014-2176 | 1 Cisco | 7 Asr 9001, Asr 9006, Asr 9010 and 4 more | 2016-09-07 | 7.1 HIGH | N/A |
| Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928. | |||||
| CVE-2014-2121 | 1 Cisco | 1 Hosted Collaboration Solution | 2016-09-07 | 5.0 MEDIUM | N/A |
| The Java-based software in Cisco Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (closing of TCP ports) via unspecified vectors, aka Bug IDs CSCug77633, CSCug77667, CSCug78266, CSCug82795, and CSCuh58643. | |||||
| CVE-2014-3274 | 1 Cisco | 1 Telepresence System Software | 2016-09-07 | 4.3 MEDIUM | N/A |
| Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager (UCM) to block HTTPS traffic, aka Bug ID CSCuj26326. | |||||
| CVE-2014-3277 | 1 Cisco | 1 Unified Communications Domain Manager | 2016-09-07 | 4.0 MEDIUM | N/A |
| The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive user and group information by leveraging Location Administrator privileges and entering a crafted URL, aka Bug ID CSCum77005. | |||||
| CVE-2014-3276 | 1 Cisco | 1 Identity Services Engine Software | 2016-09-07 | 4.0 MEDIUM | N/A |
| Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier does not properly handle deadlock conditions during reception of crafted RADIUS accounting packets from multiple NAS devices, which allows remote authenticated users to cause a denial of service (RADIUS outage) by sourcing these packets from two origins, aka Bug ID CSCuo56780. | |||||
| CVE-2014-3273 | 1 Cisco | 1 Ios | 2016-09-07 | 6.1 MEDIUM | N/A |
| The LLDP implementation in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a malformed packet, aka Bug ID CSCum96282. | |||||
| CVE-2014-3272 | 1 Cisco | 1 Tidal Enterprise Scheduler | 2016-09-07 | 6.0 MEDIUM | N/A |
| The Agent in Cisco Tidal Enterprise Scheduler (TES) 6.1 and earlier allows local users to gain privileges via crafted Tidal Job Buffers (TJB) parameters, aka Bug ID CSCuo33074. | |||||
| CVE-2014-3271 | 1 Cisco | 1 Ios Xr | 2016-09-07 | 5.0 MEDIUM | N/A |
| The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug IDs CSCum85558, CSCum20949, CSCul61849, and CSCul71149. | |||||
| CVE-2014-3270 | 1 Cisco | 1 Ios Xr | 2016-09-07 | 5.0 MEDIUM | N/A |
| The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed packet, aka Bug ID CSCul80924. | |||||
| CVE-2014-3267 | 1 Cisco | 1 Security Manager | 2016-09-07 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Security Manager 4.6 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make unspecified changes, aka Bug ID CSCuo46427. | |||||
| CVE-2014-3265 | 1 Cisco | 1 Security Manager | 2016-09-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Auto Update Server (AUS) web framework in Cisco Security Manager 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuo06900. | |||||
| CVE-2014-3263 | 1 Cisco | 1 Ios | 2016-09-07 | 5.4 MEDIUM | N/A |
| The ScanSafe module in Cisco IOS 15.3(3)M allows remote attackers to cause a denial of service (device reload) via HTTPS packets that require tower processing, aka Bug ID CSCum97038. | |||||