Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-26 | CVE-2017-6678 | Improper Handling of Exceptional Conditions vulnerability in Cisco Virtualized Packet Core A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. | 7.8 |
| 2017-06-26 | CVE-2017-6669 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Webex Advanced Recording Format Player 29.10 Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files. | 6.8 |
| 2017-06-26 | CVE-2017-6662 | XXE vulnerability in Cisco products A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker read and write access to information stored in the affected system as well as perform remote code execution. | 6.0 |
| 2017-06-13 | CVE-2017-6697 | Information Exposure vulnerability in Cisco Elastic Services Controller 2.2(9.76) A vulnerability in the web interface of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive system credentials that are stored in an affected system. | 4.0 |
| 2017-06-13 | CVE-2017-6696 | Information Exposure vulnerability in Cisco Elastic Services Controller 2.3(2) A vulnerability in the file system of Cisco Elastic Services Controllers could allow an authenticated, local attacker to gain access to sensitive user credentials that are stored in an affected system. | 2.1 |
| 2017-06-13 | CVE-2017-6695 | Information Exposure vulnerability in Cisco Ultra Services Platform 21.0.V0.65839 A vulnerability in the ConfD server in Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive information. | 2.1 |
| 2017-06-13 | CVE-2017-6694 | Insufficiently Protected Credentials vulnerability in Cisco Ultra Services Platform 21.0.V0.65839 A vulnerability in the Virtual Network Function Manager's (VNFM) logging function of Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive data (cleartext credentials) on an affected system. | 2.1 |
| 2017-06-13 | CVE-2017-6693 | Missing Authorization vulnerability in Cisco Elastic Services Controller 2.2(9.76)/2.3(1) A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local attacker to access information stored in the file system of an affected system, aka Unauthorized Directory Access. | 2.1 |
| 2017-06-13 | CVE-2017-6692 | Insecure Default Initialization of Resource vulnerability in Cisco Ultra Services Framework Element Manager 21.0.V0.65839 A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker to log in to the device with the privileges of the root user, aka an Insecure Default Account Information Vulnerability. | 9.0 |
| 2017-06-13 | CVE-2017-6691 | Information Exposure vulnerability in Cisco Elastic Services Controller 2.3(2) A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive information on an affected system. | 4.0 |