Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-03 | CVE-2017-3818 | Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware 9.7.1066 A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device, aka a Malformed MIME Header Filtering Bypass. | 5.0 |
| 2017-02-03 | CVE-2017-3814 | Improper Input Validation vulnerability in Cisco Firepower Management Center A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certain web content, aka a URL Bypass. | 5.0 |
| 2017-02-03 | CVE-2017-3812 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco Industrial Ethernet 2000 Series Firmware A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to a system memory leak. | 7.1 |
| 2017-02-03 | CVE-2017-3810 | Open Redirect vulnerability in Cisco Prime Service Catalog 10.0(R2)Base A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. | 4.9 |
| 2017-02-03 | CVE-2017-3809 | Improper Input Validation vulnerability in Cisco Firepower Management Center 6.1.0/6.2.0 A vulnerability in the Policy deployment module of the Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to prevent deployment of a complete and accurate rule base. | 5.0 |
| 2017-02-03 | CVE-2017-3806 | OS Command Injection vulnerability in Cisco Firepower Threat Defense A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. | 4.6 |
| 2017-02-01 | CVE-2017-3792 | Improper Input Validation vulnerability in Cisco Telepresence MCU Software A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. | 10.0 |
| 2017-02-01 | CVE-2017-3791 | Improper Authentication vulnerability in Cisco Prime Home A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges. | 10.0 |
| 2017-02-01 | CVE-2017-3790 | Improper Input Validation vulnerability in Cisco products A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service (DoS) condition. | 7.8 |
| 2017-02-01 | CVE-2016-9225 | Resource Management Errors vulnerability in Cisco ASA CX Context-Aware Security Software A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. | 7.8 |