Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-13 | CVE-2017-6690 | Improper Input Validation vulnerability in Cisco ASR 5000 Software 21.0.V0.65839/21.3.M0.67005 A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system. | 4.0 |
| 2017-06-13 | CVE-2017-6689 | Insecure Default Initialization of Resource vulnerability in Cisco Elastic Services Controller 2.2(9.76) A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the admin user, aka an Insecure Default Administrator Credentials Vulnerability. | 6.5 |
| 2017-06-13 | CVE-2017-6688 | Insecure Default Initialization of Resource vulnerability in Cisco Elastic Services Controller 2.2(9.76) A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux root user, aka an Insecure Default Password Vulnerability. | 9.0 |
| 2017-06-13 | CVE-2017-6687 | Insecure Default Initialization of Resource vulnerability in Cisco Ultra Services Framework Element Manager 21.0.0 A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default credentials present on the system, aka an Insecure Default Password Vulnerability. | 6.5 |
| 2017-06-13 | CVE-2017-6686 | Insecure Default Initialization of Resource vulnerability in Cisco Ultra Services Framework Element Manager 21.0.0 A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affected device, aka an Insecure Default Credentials Vulnerability. | 6.5 |
| 2017-06-13 | CVE-2017-6685 | Insecure Default Initialization of Resource vulnerability in Cisco Ultra Services Framework Staging Server 21.0.0 A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device, aka an Insecure Default Credentials Vulnerability. | 6.5 |
| 2017-06-13 | CVE-2017-6684 | Insecure Default Initialization of Resource vulnerability in Cisco Elastic Services Controller 21.0.0 A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux admin user, aka an Insecure Default Credentials Vulnerability. | 9.0 |
| 2017-06-13 | CVE-2017-6683 | OS Command Injection vulnerability in Cisco Elastic Services Controller 2.2(9.76) A vulnerability in the esc_listener.py script of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to execute arbitrary commands as the tomcat user on an affected system, aka an Authentication Request Processing Arbitrary Command Execution Vulnerability. | 9.0 |
| 2017-06-13 | CVE-2017-6682 | OS Command Injection vulnerability in Cisco Elastic Services Controller 2.2(9.76) A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to run arbitrary commands as the Linux tomcat user on an affected system. | 6.5 |
| 2017-06-13 | CVE-2017-6681 | Path Traversal vulnerability in Cisco Ultra Services Framework 21.0.0 A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to execute a relative path traversal attack, enabling an attacker to read sensitive files on the system. | 5.0 |