Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-17 | CVE-2018-0280 | Improper Input Validation vulnerability in Cisco Meeting Server A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2018-05-17 | CVE-2018-0279 | OS Command Injection vulnerability in Cisco Enterprise NFV Infrastructure Software A vulnerability in the Secure Copy Protocol (SCP) server of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device. | 8.8 |
| 2018-05-17 | CVE-2018-0277 | Improper Certificate Validation vulnerability in Cisco Identity Services Engine A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the ISE application server to restart unexpectedly, causing a denial of service (DoS) condition on an affected system. | 8.6 |
| 2018-05-17 | CVE-2018-0271 | Improper Authentication vulnerability in Cisco Digital Network Architecture Center 1.1/1.1.1 A vulnerability in the API gateway of the Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and access critical services. | 9.8 |
| 2018-05-17 | CVE-2018-0270 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOT Field Network Director 4.2(0.4) A vulnerability in the web-based management interface of Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and alter the data of existing users and groups on an affected device. | 8.8 |
| 2018-05-17 | CVE-2018-0268 | Improperly Implemented Security Check for Standard vulnerability in Cisco Digital Network Architecture Center A vulnerability in the container management subsystem of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and gain elevated privileges. | 10.0 |
| 2018-05-17 | CVE-2018-0222 | Use of Hard-coded Credentials vulnerability in Cisco Digital Network Architecture Center A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an affected system by using an administrative account that has default, static user credentials. | 10.0 |
| 2018-05-02 | CVE-2018-0288 | Information Exposure vulnerability in Cisco Webex Meetings Online T31.20/T31.20.2 A vulnerability in Cisco WebEx Recording Format (WRF) Player could allow an unauthenticated, remote attacker to access sensitive data about the application. | 5.3 |
| 2018-05-02 | CVE-2018-0287 | Improper Input Validation vulnerability in Cisco Webex Meetings Online T30/T32.7 A vulnerability in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. | 8.8 |
| 2018-05-02 | CVE-2018-0286 | Improper Handling of Exceptional Conditions vulnerability in Cisco IOS XR 6.3.1/6.3.2/6.5.1 A vulnerability in the netconf interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on affected system. | 5.3 |