Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-18 | CVE-2017-6652 | Improper Input Validation vulnerability in Cisco Telepresence Ix5000 8.2.0Base A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device. | 7.5 |
| 2017-05-18 | CVE-2017-6623 | Improper Privilege Management vulnerability in Cisco Policy Suite 10.0.0/10.1.0/11.0.0 A vulnerability in a script file that is installed as part of the Cisco Policy Suite (CPS) Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to root. | 7.8 |
| 2017-05-18 | CVE-2017-6622 | Missing Authorization vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges. | 9.8 |
| 2017-05-18 | CVE-2017-6621 | Information Exposure vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. | 7.5 |
| 2017-05-16 | CVE-2017-6658 | Out-of-bounds Read vulnerability in Cisco Sourcefire Snort 3.0 Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. | 7.5 |
| 2017-05-16 | CVE-2017-6657 | Unspecified vulnerability in Cisco Snort++ Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. | 7.5 |
| 2017-05-16 | CVE-2017-6651 | Information Exposure vulnerability in Cisco Webex Meetings Server A vulnerability in Cisco WebEx Meetings Server could allow unauthenticated, remote attackers to gain information that could allow them to access scheduled customer meetings. | 7.5 |
| 2017-05-16 | CVE-2017-3882 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. | 9.6 |
| 2017-05-16 | CVE-2017-3876 | Unspecified vulnerability in Cisco IOS XR 6.1.0/6.1.1 A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. | 7.5 |
| 2017-05-16 | CVE-2017-3873 | Improper Input Validation vulnerability in Cisco Aironet Access Point Firmware 8.3102.0 A vulnerability in the Plug-and-Play (PnP) subsystem of the Cisco Aironet 1800, 2800, and 3800 Series Access Points running a Lightweight Access Point (AP) or Mobility Express image could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges. | 7.5 |