Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-08-24 | CVE-2016-5645 | Improper Access Control vulnerability in Rockwellautomation products Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this community. | 7.3 |
| 2016-08-24 | CVE-2016-5081 | Use of Hard-coded Credentials vulnerability in Zmodo Zp-Ibh-13W and Zp-Ne-14-S ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote attackers to obtain access via a TELNET session. | 9.8 |
| 2016-08-23 | CVE-2016-6365 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518. | 6.1 |
| 2016-08-23 | CVE-2016-6364 | Information Exposure vulnerability in Cisco Unified Communications Manager 11.5.0 The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified API calls, aka Bug ID CSCux67855. | 7.5 |
| 2016-08-23 | CVE-2016-6355 | Resource Management Errors vulnerability in Cisco IOS XR Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5.2.5, and 5.3.x through 5.3.2 on ASR 9001 devices allows remote attackers to cause a denial of service (control-plane protocol outage) via crafted fragmented packets, aka Bug ID CSCux26791. | 7.5 |
| 2016-08-23 | CVE-2016-1484 | Improper Input Validation vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39 Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724. | 7.5 |
| 2016-08-23 | CVE-2016-1477 | Information Exposure vulnerability in Cisco Connected Streaming Analytics 1.1.1Base Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891. | 6.5 |
| 2016-08-22 | CVE-2016-6363 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Aironet Access Point Software The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via crafted 802.11 frames, aka Bug ID CSCva06192. | 6.5 |
| 2016-08-22 | CVE-2016-6362 | Permissions, Privileges, and Access Controls vulnerability in Cisco Aironet Access Point Software Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725. | 7.8 |
| 2016-08-22 | CVE-2016-6361 | Improper Input Validation vulnerability in Cisco Aironet Access Point Software The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288. | 6.5 |