Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-11 | CVE-2018-15464 | Resource Exhaustion vulnerability in Cisco ASR 900 Series Software 16.6.2 A vulnerability in Cisco 900 Series Aggregation Services Router (ASR) software could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected device. | 5.0 |
| 2019-01-10 | CVE-2018-15461 | Cross-site Scripting vulnerability in Cisco Webex Business Suite A vulnerability in the MyWebex component of Cisco Webex Business Suite could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. | 4.3 |
| 2019-01-10 | CVE-2018-15460 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Asyncos A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. | 7.8 |
| 2019-01-10 | CVE-2018-15458 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Management Center 6.2.2/6.2.3/6.3.0 A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center (FMC), when used in conjunction with remote authentication, could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. | 5.0 |
| 2019-01-10 | CVE-2018-15457 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.5 A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 4.3 |
| 2019-01-10 | CVE-2018-15456 | Insufficiently Protected Credentials vulnerability in Cisco Identity Services Engine A vulnerability in the Admin Portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to view saved passwords in plain text. | 4.0 |
| 2019-01-10 | CVE-2018-15453 | Out-of-bounds Write vulnerability in Cisco Email Security Appliance Firmware 11.0.1401/11.1.0131 A vulnerability in the Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verification or S/MIME Public Key Harvesting features of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause an affected device to corrupt system memory. | 7.8 |
| 2019-01-10 | CVE-2018-0484 | Unspecified vulnerability in Cisco IOS 16.6.2/16.6.4 A vulnerability in the access control logic of the Secure Shell (SSH) server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding (VRF) instance despite the absence of the vrf-also keyword in the access-class configuration. | 4.0 |
| 2019-01-10 | CVE-2018-0483 | Cross-site Scripting vulnerability in Cisco Jabber 10.0(0) A vulnerability in Cisco Jabber Client Framework (JCF) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. | 3.5 |
| 2019-01-10 | CVE-2018-0482 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.5(0.0) A vulnerability in the web-based management interface of Cisco Prime Network Control System could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected system. | 3.5 |