Filtered by vendor Cisco
Subscribe
Total
6072 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-6710 | 1 Cisco | 1 Webex Training Center | 2016-09-16 | 6.8 MEDIUM | N/A |
Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Training Center allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCul25567. | |||||
CVE-2013-5486 | 1 Cisco | 1 Prime Data Center Network Manager | 2016-09-16 | 10.0 HIGH | N/A |
Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to write arbitrary files via the chartid parameter, aka Bug IDs CSCue77035 and CSCue77036. NOTE: this can be leveraged to execute arbitrary commands by using the JBoss autodeploy functionality. | |||||
CVE-2013-3448 | 1 Cisco | 1 Webex Meetings Server | 2016-09-16 | 4.0 MEDIUM | N/A |
Cisco WebEx Meetings Server does not check whether a user account is active, which allows remote authenticated users to bypass intended access restrictions by performing meeting operations after account deactivation, aka Bug ID CSCuh33315. | |||||
CVE-2013-3438 | 1 Cisco | 1 Unified Meetingplace Web Conferencing | 2016-09-16 | 5.0 MEDIUM | N/A |
The web framework in the server in Cisco Unified MeetingPlace Web Conferencing allows remote attackers to bypass intended access restrictions and read unspecified web pages via crafted parameters, aka Bug ID CSCuh86385. | |||||
CVE-2013-3437 | 1 Cisco | 1 Unified Operations Manager | 2016-09-16 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179. | |||||
CVE-2013-3435 | 1 Cisco | 2 Unified Ip Conference Station 7937g, Unified Ip Conference Station 7937g Firmware | 2016-09-16 | 5.0 MEDIUM | N/A |
The Cisco Unified IP Conference Station 7937G allows remote attackers to cause a denial of service (networking outage) via a flood of TCP packets, aka Bug ID CSCuh42052. | |||||
CVE-2013-6981 | 1 Cisco | 1 Ios Xe | 2016-09-15 | 5.4 MEDIUM | N/A |
Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to cause a denial of service (Packet Processor crash) via fragmented MPLS IP packets, aka Bug ID CSCul00709. | |||||
CVE-2013-6976 | 1 Cisco | 1 Epc3925 | 2016-09-15 | 6.8 MEDIUM | N/A |
Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup on Cisco EPC3925 devices allows remote attackers to hijack the authentication of administrators for requests that change a password via the Password and PasswordReEnter parameters, aka Bug ID CSCuh37496. | |||||
CVE-2013-6709 | 1 Cisco | 1 Webex Training Center | 2016-09-15 | 5.0 MEDIUM | N/A |
The registration component in Cisco WebEx Training Center provides the training-session URL before payment is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul57111. | |||||
CVE-2013-6705 | 1 Cisco | 2 Ios, Ios Xe | 2016-09-15 | 6.1 MEDIUM | N/A |
The IP Device Tracking (IPDT) feature in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (IPDT AVL corruption and device reload) via a crafted sequence of ARP packets, aka Bug ID CSCuh38133. | |||||
CVE-2013-6704 | 1 Cisco | 1 Ios Xe | 2016-09-15 | 7.1 HIGH | N/A |
Cisco IOS XE does not properly manage memory for TFTP UDP flows, which allows remote attackers to cause a denial of service (memory consumption) via TFTP (1) client or (2) server traffic, aka Bug IDs CSCuh09324 and CSCty42686. | |||||
CVE-2013-6703 | 1 Cisco | 1 Ons 15454 | 2016-09-15 | 7.1 HIGH | N/A |
The TLS/SSLv3 module on Cisco ONS 15454 controller cards allows remote attackers to cause a denial of service (card reset) via crafted (1) TLS or (2) SSLv3 packets, aka Bug ID CSCuh34787. | |||||
CVE-2013-6702 | 1 Cisco | 2 Ons 15454, Ons 15454 Firmware | 2016-09-15 | 4.3 MEDIUM | N/A |
The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902. | |||||
CVE-2013-6701 | 1 Cisco | 8 Cisco Ons 15454 System Software, Ons 15454, Ons 15454 Mspp and 5 more | 2016-09-15 | 5.0 MEDIUM | N/A |
The tNetTaskLimit process on the Transport Node Controller (TNC) on Cisco ONS 15454 devices with software 9.6 and earlier does not properly prioritize health pings, which allows remote attackers to cause a denial of service (watchdog timeout and TNC reset) via a flood of network traffic, aka Bug ID CSCud97155. | |||||
CVE-2013-6690 | 1 Cisco | 1 Prime Collaboration | 2016-09-15 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the web interface in the Assurance component in Cisco Prime Collaboration allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCui92643, CSCui94038, and CSCui94161. | |||||
CVE-2014-0731 | 1 Cisco | 1 Unified Communications Manager | 2016-09-09 | 5.0 MEDIUM | N/A |
The administration interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and read Java class files via a direct request, aka Bug ID CSCum46497. | |||||
CVE-2013-6974 | 1 Cisco | 1 Secure Access Control System | 2016-09-09 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud89431. | |||||
CVE-2012-4073 | 1 Cisco | 1 Unified Computing System | 2016-09-09 | 5.8 MEDIUM | N/A |
The KVM subsystem in the client in Cisco Unified Computing System (UCS) does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers, and read or modify KVM data, via a crafted certificate, aka Bug ID CSCte90332. | |||||
CVE-2014-0720 | 1 Cisco | 1 Ips Sensor Software | 2016-09-08 | 7.1 HIGH | N/A |
Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via a flood of jumbo frames, aka Bug ID CSCuh94944. | |||||
CVE-2014-0718 | 1 Cisco | 1 Ips Sensor Software | 2016-09-08 | 7.1 HIGH | N/A |
The produce-verbose-alert feature in Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via fragmented packets, aka Bug ID CSCui91266. |