Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-05 | CVE-2018-0459 | Incorrect Authorization vulnerability in Cisco Network Functions Virtualization Infrastructure A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to cause an affected system to reboot or shut down. | 6.8 |
| 2018-10-05 | CVE-2018-0458 | Cross-site Scripting vulnerability in Cisco Prime Collaboration Assurance 11.6.0 A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2018-10-05 | CVE-2018-0457 | Unspecified vulnerability in Cisco Webex Meetings Online T31/T32 A vulnerability in the Cisco Webex Player for Webex Recording Format (WRF) files could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. network cisco | 4.3 |
| 2018-10-05 | CVE-2018-0455 | Unspecified vulnerability in Cisco Firepower System Software A vulnerability in the Server Message Block Version 2 (SMBv2) and Version 3 (SMBv3) protocol implementation for the Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the device to run low on system memory, possibly preventing the device from forwarding traffic. | 5.0 |
| 2018-10-05 | CVE-2018-0454 | Command Injection vulnerability in Cisco Cloud Services Platform 2100 Firmware 2.2(4) A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to perform command injection. | 6.5 |
| 2018-10-05 | CVE-2018-0453 | OS Command Injection vulnerability in Cisco Firepower Threat Defense A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. | 7.2 |
| 2018-10-05 | CVE-2018-0452 | Cross-site Scripting vulnerability in Cisco Tetration Analytics 2.1 A vulnerability in the web-based management interface of Cisco Tetration Analytics could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2018-10-05 | CVE-2018-0451 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Tetration Analytics 2.0(2.20)/2.1(1.31) A vulnerability in the web-based management interface of Cisco Tetration Analytics could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 6.8 |
| 2018-10-05 | CVE-2018-0450 | Cross-site Scripting vulnerability in Cisco Data Center Network Manager 10.4(2) A vulnerability in the web-based management interface of Cisco Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the management interface on an affected device. | 4.3 |
| 2018-10-05 | CVE-2018-0448 | Inadequate Encryption Strength vulnerability in Cisco Digital Network Architecture Center 1.1/1.1.2/1.1.3 A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and take complete control of identity management functions. | 7.5 |