Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-19 | CVE-2018-0273 | Unspecified vulnerability in Cisco Staros A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Routers and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from being established, resulting in a denial of service (DoS) condition. | 5.3 |
| 2018-04-19 | CVE-2018-0272 | Improper Handling of Exceptional Conditions vulnerability in Cisco Firepower 6.2.1/6.2.2.1 A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 5.9 |
| 2018-04-19 | CVE-2018-0269 | Incorrect Authorization vulnerability in Cisco Digital Network Architecture Center 1.1 A vulnerability in the web framework of the Cisco Digital Network Architecture Center (DNA Center) could allow an unauthenticated, remote attacker to communicate with the Kong API server without restriction. | 4.3 |
| 2018-04-19 | CVE-2018-0267 | Forced Browsing vulnerability in Cisco Unified Communications Manager A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. | 6.5 |
| 2018-04-19 | CVE-2018-0266 | Forced Browsing vulnerability in Cisco Unified Communications Manager A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. | 4.3 |
| 2018-04-19 | CVE-2018-0260 | Improper Input Validation vulnerability in Cisco Mate Live 1.3 A vulnerability in the web interface of Cisco MATE Live could allow an unauthenticated, remote attacker to view and download the contents of certain web application virtual directories. | 5.3 |
| 2018-04-19 | CVE-2018-0259 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Mate Collector 7.1 A vulnerability in the web-based management interface of Cisco MATE Collector could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-04-19 | CVE-2018-0257 | Unspecified vulnerability in Cisco IOS XE A vulnerability in Cisco IOS XE Software running on Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, adjacent attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. low complexity cisco | 4.3 |
| 2018-04-19 | CVE-2018-0256 | Improper Input Validation vulnerability in Cisco ASR 5000 Series Software 20.3.0.66671/P2P2.16.879 A vulnerability in the peer-to-peer message processing functionality of Cisco Packet Data Network Gateway could allow an unauthenticated, remote attacker to cause the Session Manager (SESSMGR) process on an affected device to restart, resulting in a denial of service (DoS) condition. | 5.8 |
| 2018-04-19 | CVE-2018-0255 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS 15.2(5)E A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system. | 8.8 |