Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-07 | CVE-2018-0333 | Protection Mechanism Failure vulnerability in Cisco Secure Firewall Management Center 6.2.2 A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass VPN security due to unintended side effects of dynamic configuration changes that could allow an attacker to bypass configured policies. | 5.8 |
| 2018-06-07 | CVE-2018-0332 | Unspecified vulnerability in Cisco IP Phone Firmware and Unified IP Phone Firmware A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2018-06-07 | CVE-2018-0329 | Use of Hard-coded Credentials vulnerability in Cisco Wide Area Application Services 6.2(3)/6.4(1) A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP) feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote attacker to read data from an affected device via SNMP. | 5.3 |
| 2018-06-07 | CVE-2018-0149 | Cross-site Scripting vulnerability in Cisco Integrated Management Controller Supervisor 2.1(0.2)/2.2(0.2) A vulnerability in the web-based management interface of Cisco Integrated Management Controller Supervisor Software and Cisco UCS Director Software could allow an authenticated, remote attacker to conduct a Document Object Model-based (DOM-based), stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.8 |
| 2018-06-07 | CVE-2018-0353 | Unspecified vulnerability in Cisco web Security Appliance A vulnerability in traffic-monitoring functions in Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to circumvent Layer 4 Traffic Monitor (L4TM) functionality and bypass security protections. | 7.5 |
| 2018-06-07 | CVE-2018-0322 | Missing Authorization vulnerability in Cisco products A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to modify sensitive data that is associated with arbitrary accounts on an affected device. | 8.8 |
| 2018-06-07 | CVE-2018-0321 | Improper Authentication vulnerability in Cisco products A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the Java Remote Method Invocation (RMI) system. | 9.8 |
| 2018-06-07 | CVE-2018-0320 | SQL Injection vulnerability in Cisco products A vulnerability in the web framework code of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. | 9.8 |
| 2018-06-07 | CVE-2018-0319 | Improper Authentication vulnerability in Cisco products A vulnerability in the password recovery function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. | 9.8 |
| 2018-06-07 | CVE-2018-0318 | Improper Authentication vulnerability in Cisco products A vulnerability in the password reset function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. | 9.8 |