Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-08 | CVE-2018-0117 | Improper Input Validation vulnerability in Cisco ASR 5000 Firmware and ASR 5500 Firmware A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-02-08 | CVE-2018-0116 | Improper Authentication vulnerability in Cisco Mobility Services Engine 13.0.0/13.1.0/14.0.0 A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an unauthenticated, remote attacker to be authorized as a subscriber without providing a valid password; however, the attacker must provide a valid username. | 7.2 |
| 2018-02-08 | CVE-2018-0113 | Improper Input Validation vulnerability in Cisco Unified Computing System Central Software 1.5(1C) A vulnerability in an operations script of Cisco UCS Central could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the daemon user. | 8.8 |
| 2018-01-31 | CVE-2018-0136 | Unspecified vulnerability in Cisco IOS XR 5.3.4 A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-01-29 | CVE-2018-0101 | Double Free vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. | 10.0 |
| 2018-01-18 | CVE-2018-0115 | OS Command Injection vulnerability in Cisco Staros A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected host operating system. | 6.7 |
| 2018-01-18 | CVE-2018-0111 | Information Exposure vulnerability in Cisco Webex Meetings Server A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. | 5.3 |
| 2018-01-18 | CVE-2018-0110 | Incorrect Authorization vulnerability in Cisco Webex Meetings Server A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access the remote support account even after it has been disabled via the web application. | 8.1 |
| 2018-01-18 | CVE-2018-0109 | Information Exposure vulnerability in Cisco Webex Meetings Server A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access sensitive data about the application. | 2.7 |
| 2018-01-18 | CVE-2018-0108 | XXE vulnerability in Cisco Webex Meetings Server A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity (XXE) injection. | 5.3 |