Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-08 | CVE-2018-15394 | Unspecified vulnerability in Cisco Stealthwatch Enterprise 6.10.2 A vulnerability in the Stealthwatch Management Console (SMC) of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected system. | 9.8 |
| 2018-11-08 | CVE-2018-15393 | Cross-site Scripting vulnerability in Cisco Content Security Management Appliance A vulnerability in the web-based management interface of Cisco Content Security Management Appliance (SMA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 6.1 |
| 2018-11-08 | CVE-2018-15381 | Deserialization of Untrusted Data vulnerability in Cisco Unity Express A Java deserialization vulnerability in Cisco Unity Express (CUE) could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. | 9.8 |
| 2018-11-08 | CVE-2018-0284 | Unspecified vulnerability in Cisco products A vulnerability in the local status page functionality of the Cisco Meraki MR, MS, MX, Z1, and Z3 product lines could allow an authenticated, remote attacker to modify device configuration files. | 6.5 |
| 2018-11-01 | CVE-2018-15454 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-10-24 | CVE-2018-15442 | OS Command Injection vulnerability in Cisco Webex Meetings Desktop and Webex Productivity Tools A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. | 7.8 |
| 2018-10-17 | CVE-2018-15438 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 12.1 A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. | 6.5 |
| 2018-10-17 | CVE-2018-0443 | Improper Input Validation vulnerability in Cisco Wireless LAN Controller Software 8.2(151.0) A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2018-10-17 | CVE-2018-0442 | Unspecified vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. | 7.5 |
| 2018-10-17 | CVE-2018-0441 | Resource Exhaustion vulnerability in Cisco Access Points A vulnerability in the 802.11r Fast Transition feature set of Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 7.4 |