Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-22 | CVE-2018-0204 | Weak Password Requirements vulnerability in Cisco Prime Collaboration Provisioning 12.1 A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition for individual users. | 7.5 |
| 2018-02-22 | CVE-2018-0203 | Unspecified vulnerability in Cisco Unity Connection A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote attacker to send unsolicited email messages, aka a Mail Relay Vulnerability. | 5.3 |
| 2018-02-22 | CVE-2018-0201 | Cross-site Scripting vulnerability in Cisco Jabber 11.9/11.9(.0) A vulnerability in Cisco Jabber Client Framework (JCF) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device. | 5.4 |
| 2018-02-22 | CVE-2018-0200 | Cross-site Scripting vulnerability in Cisco Prime Service Catalog A vulnerability in the web-based interface of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface of an affected product. | 6.1 |
| 2018-02-22 | CVE-2018-0199 | Cross-site Scripting vulnerability in Cisco Jabber 11.9/11.9(0) A vulnerability in Cisco Jabber Client Framework (JCF) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device. | 6.1 |
| 2018-02-22 | CVE-2018-0148 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco UCS Director 6.5(0.0.65832) A vulnerability in the web-based management interface of Cisco UCS Director Software and Cisco Integrated Management Controller (IMC) Supervisor Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. | 8.8 |
| 2018-02-22 | CVE-2018-0146 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Data Center Analytics Framework 3.1 A vulnerability in the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 5.4 |
| 2018-02-22 | CVE-2018-0145 | Cross-site Scripting vulnerability in Cisco Data Center Analytics Framework 3.1 A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface of an affected system. | 6.1 |
| 2018-02-22 | CVE-2018-0139 | Unspecified vulnerability in Cisco Unified Customer Voice Portal 11.5(1)/11.6 A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause the IVR connection to disconnect, creating a system-wide denial of service (DoS) condition. | 8.6 |
| 2018-02-22 | CVE-2018-0130 | Insecure Default Initialization of Resource vulnerability in Cisco Virtual Managed Services 3.0 A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to gain administrative access to an affected system. | 9.8 |