Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-01 | CVE-2018-0406 | Cross-site Scripting vulnerability in Cisco web Security Appliance 10.1.2003/10.5.1269/11.5.0Fcs581 A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected or Document Object Model based (DOM-based) cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2018-08-01 | CVE-2018-0397 | Unspecified vulnerability in Cisco Advanced Malware Protection FOR Endpoints A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. | 7.1 |
| 2018-08-01 | CVE-2018-0391 | Unspecified vulnerability in Cisco products A vulnerability in the password change function of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to cause the system to become inoperable. | 6.8 |
| 2018-07-18 | CVE-2018-0403 | Server-Side Request Forgery (SSRF) vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. | 5.0 |
| 2018-07-18 | CVE-2018-0402 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. | 6.8 |
| 2018-07-18 | CVE-2018-0401 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. | 4.3 |
| 2018-07-18 | CVE-2018-0400 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. | 4.3 |
| 2018-07-18 | CVE-2018-0399 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse 11.5(1) Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to retrieve a cleartext password from an affected system. | 5.0 |
| 2018-07-18 | CVE-2018-0398 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse 11.5(1) Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack. | 7.5 |
| 2018-07-18 | CVE-2018-0396 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager IM and Presence Service 11.5/12.0 A vulnerability in the web framework of the Cisco Unified Communications Manager IM and Presence Service software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. | 4.3 |