Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-18 | CVE-2018-0401 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. | 6.1 |
| 2018-07-18 | CVE-2018-0400 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. | 6.1 |
| 2018-07-18 | CVE-2018-0399 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse 11.5(1) Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to retrieve a cleartext password from an affected system. | 9.8 |
| 2018-07-18 | CVE-2018-0398 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse 11.5(1) Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack. | 9.8 |
| 2018-07-18 | CVE-2018-0396 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager IM and Presence Service 11.5/12.0 A vulnerability in the web framework of the Cisco Unified Communications Manager IM and Presence Service software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. | 6.1 |
| 2018-07-18 | CVE-2018-0394 | Improper Input Validation vulnerability in Cisco Cloud Services Platform 2100 2.2(4) A vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to obtain restricted shell access on an affected system. | 8.8 |
| 2018-07-18 | CVE-2018-0393 | Unspecified vulnerability in Cisco products A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote attacker to make policy changes in the Policy Builder interface. | 6.5 |
| 2018-07-18 | CVE-2018-0392 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco products A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. | 5.5 |
| 2018-07-18 | CVE-2018-0390 | Cross-site Scripting vulnerability in Cisco Webex Meetings 2.0 A vulnerability in the web framework of Cisco Webex could allow an unauthenticated, remote attacker to conduct a Document Object Model-based (DOM-based) cross-site scripting (XSS) attack against the user of the web interface of an affected system. | 6.1 |
| 2018-07-18 | CVE-2018-0387 | Improper Input Validation vulnerability in Cisco Webex Teams A vulnerability in Cisco Webex Teams (for Windows and macOS) could allow an unauthenticated, remote attacker to execute arbitrary code on the user's device, possibly with elevated privileges. | 8.8 |