Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-17 | CVE-2017-6781 | Improper Authentication vulnerability in Cisco Policy Suite A vulnerability in the management of shell user accounts for Cisco Policy Suite (CPS) Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affected system. | 5.3 |
| 2017-08-17 | CVE-2017-6778 | Information Exposure vulnerability in Cisco Ultra Services Platform 21.0.V0.65839 A vulnerability in the Elastic Services Controller (ESC) web interface of the Cisco Ultra Services Platform could allow an authenticated, remote attacker to acquire sensitive information. | 6.5 |
| 2017-08-17 | CVE-2017-6777 | Information Exposure vulnerability in Cisco Elastic Services Controller 2.3/2.3(2) A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire sensitive system information. | 4.9 |
| 2017-08-17 | CVE-2017-6776 | Cross-site Scripting vulnerability in Cisco Elastic Services Controller 2.2(9.76)/2.3(1) A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. | 6.1 |
| 2017-08-17 | CVE-2017-6775 | Unspecified vulnerability in Cisco ASR 5000 Software 21.0.V0.65839 A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to admin-level privileges. | 5.7 |
| 2017-08-17 | CVE-2017-6774 | Files or Directories Accessible to External Parties vulnerability in Cisco ASR 5000 Software 21.0.V0.65839 A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system files. | 5.0 |
| 2017-08-17 | CVE-2017-6773 | Improper Input Validation vulnerability in Cisco ASR 5000 Software 21.0.V0.65839 A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions and execute commands on the underlying operating system. | 6.7 |
| 2017-08-17 | CVE-2017-6772 | Information Exposure vulnerability in Cisco Elastic Services Controller 2.3(2) A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information. | 4.3 |
| 2017-08-17 | CVE-2017-6771 | Information Exposure vulnerability in Cisco Ultra Services Framework 21.0.V0.65839 A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. | 7.5 |
| 2017-08-17 | CVE-2017-6768 | Untrusted Search Path vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges. | 7.8 |