Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-26 | CVE-2017-3797 | Information Exposure vulnerability in Cisco Webex Meetings Server 2.7.1/2.7Base A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view the fully qualified domain name of the Cisco WebEx administration server. | 5.3 |
| 2017-01-26 | CVE-2017-3796 | OS Command Injection vulnerability in Cisco Webex Meetings Server 2.6.0 A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. | 7.2 |
| 2017-01-26 | CVE-2017-3795 | Improper Authentication vulnerability in Cisco Webex Meetings Server 2.6.0 A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct arbitrary password changes against any non-administrative user. | 5.4 |
| 2017-01-26 | CVE-2017-3794 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Webex Meetings Server 2.6.0 A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against an administrative user. | 8.8 |
| 2017-01-26 | CVE-2016-9222 | Cross-site Scripting vulnerability in Cisco Netflow Generation Appliance 1.0(2) A vulnerability in the web-based management interface of Cisco NetFlow Generation Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2017-01-26 | CVE-2016-9221 | Resource Management Errors vulnerability in Cisco Aironet Access Point Software 8.2(121.12)/8.4(1.82) A Denial of Service Vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. | 4.3 |
| 2017-01-26 | CVE-2016-9220 | Resource Management Errors vulnerability in Cisco Aironet Access Point Software 8.2(130.0) A Denial of Service Vulnerability in 802.11 ingress packet processing of the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause the connection table to be full of invalid connections and be unable to process new incoming requests. | 4.3 |
| 2017-01-26 | CVE-2016-9218 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Hybrid Meeting Server 1.0Base A vulnerability in Cisco Hybrid Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. | 8.8 |
| 2017-01-26 | CVE-2016-9216 | Resource Management Errors vulnerability in Cisco ASR 5000 Series Software An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attacker to cause the ipsecmgr process to reload. | 5.3 |
| 2017-01-25 | CVE-2017-5597 | Integer Overflow or Wraparound vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. | 7.5 |