Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-16 | CVE-2017-3825 | Improper Input Validation vulnerability in Cisco Telepresence CE and Telepresence TC A vulnerability in the ICMP ingress packet processing of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause the TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. | 7.5 |
| 2017-05-03 | CVE-2017-6629 | Path Traversal vulnerability in Cisco Unity Connection 10.5(2) A vulnerability in the ImageID parameter of Cisco Unity Connection 10.5(2) could allow an unauthenticated, remote attacker to access files in arbitrary locations on the filesystem of an affected device. | 5.3 |
| 2017-05-03 | CVE-2017-6628 | Improper Handling of Exceptional Conditions vulnerability in Cisco Wide Area Application Services 6.2.1/6.2.1A/6.2.3A A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition where the WAN optimization could stop functioning while the process restarts. | 6.8 |
| 2017-05-03 | CVE-2017-6626 | Information Exposure vulnerability in Cisco Unified Contact Center Enterprise 11.5(1)/11.6(1) A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise (UCCE) 11.5(1) and 11.6(1) could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop. | 5.3 |
| 2017-05-03 | CVE-2017-6625 | Unspecified vulnerability in Cisco Firepower Threat Defense A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. | 7.1 |
| 2017-05-03 | CVE-2017-6624 | Improper Authentication vulnerability in Cisco IOS 15.5(3)M A vulnerability in Cisco IOS 15.5(3)M Software for Cisco CallManager Express (CME) could allow an unauthenticated, remote attacker to make unauthorized phone calls. | 5.3 |
| 2017-05-03 | CVE-2017-6620 | Improper Input Validation vulnerability in Cisco Small Business RV Series Router Firmware 1.0.1.19 A vulnerability in the remote management access control list (ACL) feature of the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, remote attacker to bypass the remote management ACL. | 5.8 |
| 2017-04-20 | CVE-2017-6619 | Improper Input Validation vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C) A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. | 8.8 |
| 2017-04-20 | CVE-2017-6618 | Cross-site Scripting vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C) A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack. | 5.4 |
| 2017-04-20 | CVE-2017-6617 | Improper Authentication vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C) A vulnerability in the session identification management functionality of the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. | 5.4 |