Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-07 | CVE-2017-12221 | Cross-site Scripting vulnerability in Cisco Firepower Management Center A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software. | 3.5 |
| 2017-09-07 | CVE-2017-12220 | Cross-site Scripting vulnerability in Cisco Firepower Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2017-09-07 | CVE-2017-12218 | Improper Input Validation vulnerability in Cisco Asyncos A vulnerability in the malware detection functionality within Advanced Malware Protection (AMP) of Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated, remote attacker to cause an email attachment containing malware to be delivered to the end user. | 5.0 |
| 2017-09-07 | CVE-2017-12217 | Improper Input Validation vulnerability in Cisco ASR 5500 Firmware A vulnerability in the General Packet Radio Service (GPRS) Tunneling Protocol ingress packet handler of Cisco ASR 5500 System Architecture Evolution (SAE) Gateways could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected device. | 5.0 |
| 2017-09-07 | CVE-2017-12216 | XXE vulnerability in Cisco Socialminer A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. | 6.8 |
| 2017-09-07 | CVE-2017-12213 | Improper Authentication vulnerability in Cisco IOS XE A vulnerability in the dynamic access control list (ACL) feature of Cisco IOS XE Software running on Cisco Catalyst 4000 Series Switches could allow an unauthenticated, adjacent attacker to cause dynamic ACL assignment to fail and the port to fail open. | 3.3 |
| 2017-09-07 | CVE-2017-12212 | Cross-site Scripting vulnerability in Cisco Unity Connection 10.5(2) A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 4.3 |
| 2017-09-07 | CVE-2017-12211 | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in the IPv6 Simple Network Management Protocol (SNMP) code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause high CPU usage or a reload of the device. network cisco | 6.3 |
| 2017-08-17 | CVE-2017-6790 | Unspecified vulnerability in Cisco Telepresence Video Communication Server A vulnerability in the Session Initiation Protocol (SIP) on the Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the targeted appliance. network cisco | 7.1 |
| 2017-08-17 | CVE-2017-6788 | Cross-site Scripting vulnerability in Cisco Anyconnect Secure Mobility Client 4.4(4027)/4.5(58) The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected software. | 4.3 |