Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-01 | CVE-2017-3823 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. | 9.3 |
| 2017-01-26 | CVE-2017-3805 | Information Exposure vulnerability in Cisco IOX 1.0(0) A vulnerability in the web-based management interface of Cisco IOS and Cisco IOx Software could allow an unauthenticated, remote attacker to view confidential information that is displayed without authenticating to the device. | 5.0 |
| 2017-01-26 | CVE-2017-3804 | Denial of Service vulnerability in Multiple Cisco Nexus Devices A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches software could allow an unauthenticated, adjacent attacker to cause a reload of the affected device. | 5.7 |
| 2017-01-26 | CVE-2017-3803 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS 15.2(2)E3/15.2(4)E1 A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial of service (DoS) condition. | 3.3 |
| 2017-01-26 | CVE-2017-3802 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager 12.0(0.99000.9) A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 4.3 |
| 2017-01-26 | CVE-2017-3800 | Improper Input Validation vulnerability in Cisco Email Security Appliance 9.7.1066/9.7.1Hp2207/9.8.5085 A vulnerability in the content scanning engine of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured message or content filters on the device. | 5.0 |
| 2017-01-26 | CVE-2017-3799 | Open Redirect vulnerability in Cisco Webex Meeting Center Wbs28Base A vulnerability in a URL parameter of Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to perform site redirection. | 5.8 |
| 2017-01-26 | CVE-2017-3798 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager 11.5(1.12000.1) A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to mount XSS attacks against a user of an affected device. | 4.3 |
| 2017-01-26 | CVE-2017-3797 | Information Exposure vulnerability in Cisco Webex Meetings Server 2.7.1/2.7Base A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view the fully qualified domain name of the Cisco WebEx administration server. | 5.0 |
| 2017-01-26 | CVE-2017-3796 | OS Command Injection vulnerability in Cisco Webex Meetings Server 2.6.0 A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. | 6.5 |