Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-10 | CVE-2017-6732 | Improper Privilege Management vulnerability in Cisco Prime Network A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. | 6.7 |
| 2017-07-10 | CVE-2017-6731 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS XR 4.3.2.Mcast/6.0.2.Base A vulnerability in Multicast Source Discovery Protocol (MSDP) ingress packet processing for Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the MSDP session to be unexpectedly reset, causing a short denial of service (DoS) condition. | 7.5 |
| 2017-07-10 | CVE-2017-6730 | Information Exposure vulnerability in Cisco Wide Area Application Services 4.4(7)/6.2(1)/6.2(3) A vulnerability in the web-based GUI of Cisco Wide Area Application Services (WAAS) Central Manager could allow an unauthenticated, remote attacker to retrieve completed reports from an affected system, aka Information Disclosure. | 5.3 |
| 2017-07-10 | CVE-2017-6729 | Unspecified vulnerability in Cisco ASR 5000 Software A vulnerability in the Border Gateway Protocol (BGP) processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core (VPC) Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reload, resulting in a denial of service (DoS) condition. | 7.5 |
| 2017-07-10 | CVE-2017-6728 | Improper Privilege Management vulnerability in Cisco IOS XR A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary code at the root privilege level on an affected system, because of Incorrect Permissions. | 7.0 |
| 2017-07-10 | CVE-2017-6727 | Improper Input Validation vulnerability in Cisco Wide Area Application Services 6.2(3A) A vulnerability in the Server Message Block (SMB) protocol of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device due to a process restarting unexpectedly and creating Core Dump files. | 5.3 |
| 2017-07-10 | CVE-2017-6726 | Information Exposure vulnerability in Cisco Prime Network 4.2(1.0)P1 A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential information. | 5.5 |
| 2017-07-06 | CVE-2017-6714 | OS Command Injection vulnerability in Cisco Ultra Services Framework Staging Server 5.0.2 A vulnerability in the AutoIT service of Cisco Ultra Services Framework Staging Server could allow an unauthenticated, remote attacker to execute arbitrary shell commands as the Linux root user. | 9.8 |
| 2017-07-06 | CVE-2017-6713 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Elastic Services Controller A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to gain full access to the affected system. | 9.8 |
| 2017-07-06 | CVE-2017-6712 | OS Command Injection vulnerability in Cisco Elastic Services Controller A vulnerability in certain commands of Cisco Elastic Services Controller could allow an authenticated, remote attacker to elevate privileges to root and run dangerous commands on the server. | 8.8 |