Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-22 | CVE-2018-0139 | Unspecified vulnerability in Cisco Unified Customer Voice Portal 11.5(1)/11.6 A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause the IVR connection to disconnect, creating a system-wide denial of service (DoS) condition. | 8.6 |
| 2018-02-22 | CVE-2018-0130 | Insecure Default Initialization of Resource vulnerability in Cisco Virtual Managed Services 3.0 A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to gain administrative access to an affected system. | 9.8 |
| 2018-02-22 | CVE-2018-0124 | Key Management Errors vulnerability in Cisco Unified Communications Domain Manager A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to bypass security protections, gain elevated privileges, and execute arbitrary code. | 9.8 |
| 2018-02-22 | CVE-2018-0121 | Improper Authentication vulnerability in Cisco products A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. | 9.8 |
| 2018-02-08 | CVE-2018-0140 | Forced Browsing vulnerability in Cisco products A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. | 6.5 |
| 2018-02-08 | CVE-2018-0138 | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. | 5.3 |
| 2018-02-08 | CVE-2018-0137 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Prime Network 4.3(0.0)Pp6/4.3(2.0)Pp1 A vulnerability in the TCP throttling process of Cisco Prime Network could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |
| 2018-02-08 | CVE-2018-0135 | Improper Input Validation vulnerability in Cisco Unified Communications Manager 11.0(1.24075.1) A vulnerability in Cisco Unified Communications Manager could allow an authenticated, remote attacker to access sensitive information on an affected system. | 4.3 |
| 2018-02-08 | CVE-2018-0134 | Information Exposure Through Discrepancy vulnerability in Cisco Mobility Services Engine 13.0.0/13.1.0 A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an unauthenticated, remote attacker to determine whether a subscriber username is valid. | 5.3 |
| 2018-02-08 | CVE-2018-0132 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Carrier Routing System 5.3.0.Rout A vulnerability in the forwarding information base (FIB) code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause inconsistency between the routing information base (RIB) and the FIB, resulting in a denial of service (DoS) condition. | 8.6 |