Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-08 | CVE-2018-15451 | Cross-site Scripting vulnerability in Cisco Prime Service Catalog 12.1 A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 3.5 |
| 2018-11-08 | CVE-2018-15450 | Path Traversal vulnerability in Cisco Prime Collaboration 12.1 A vulnerability in the web-based UI of Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to overwrite files on the file system. | 5.5 |
| 2018-11-08 | CVE-2018-15449 | Improper Input Validation vulnerability in Cisco Video Surveillance Media Server A vulnerability in the web-based management interface of Cisco Video Surveillance Media Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the web-based management interface of an affected system. | 4.3 |
| 2018-11-08 | CVE-2018-15448 | Unspecified vulnerability in Cisco Registered Envelope Service A vulnerability in the user management functions of Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to discover sensitive user information. | 5.0 |
| 2018-11-08 | CVE-2018-15447 | SQL Injection vulnerability in Cisco Integrated Management Controller A vulnerability in the web framework code of Cisco Integrated Management Controller (IMC) Supervisor could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. | 7.5 |
| 2018-11-08 | CVE-2018-15446 | Information Exposure vulnerability in Cisco Meeting Server A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain access to sensitive information. | 5.0 |
| 2018-11-08 | CVE-2018-15445 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Energy Management Suite Software A vulnerability in the web-based management interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 6.0 |
| 2018-11-08 | CVE-2018-15444 | XXE vulnerability in Cisco Energy Management Suite Software A vulnerability in the web-based user interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. | 4.9 |
| 2018-11-08 | CVE-2018-15443 | Resource Exhaustion vulnerability in Cisco Firepower System Software A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured Intrusion Prevention System (IPS) rule that inspects certain types of TCP traffic. | 5.0 |
| 2018-11-08 | CVE-2018-15439 | Use of Hard-coded Credentials vulnerability in Cisco products A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. | 9.3 |