Vulnerabilities > Cisco

DATE CVE VULNERABILITY TITLE RISK
2017-04-20 CVE-2017-6616 Improper Input Validation vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C)
A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary code on an affected system.
network
low complexity
cisco CWE-20
8.8
2017-04-20 CVE-2017-6615 Out-of-bounds Read vulnerability in Cisco IOS XE
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE 3.16 could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.
network
high complexity
cisco CWE-125
6.3
2017-04-20 CVE-2017-6614 Information Exposure vulnerability in Cisco Findit Network Probe 1.0.0
A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software 1.0.0 could allow an authenticated, remote attacker to download and view any system file by using the affected software.
network
low complexity
cisco CWE-200
6.5
2017-04-20 CVE-2017-6613 Improper Input Validation vulnerability in Cisco Prime Network Registrar
A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system.
network
low complexity
cisco CWE-20
5.8
2017-04-20 CVE-2017-6611 Cross-site Scripting vulnerability in Cisco Prime Infrastructure 2.2(2)
A vulnerability in the web framework code of Cisco Prime Infrastructure 2.2(2) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system.
network
low complexity
cisco CWE-79
6.1
2017-04-20 CVE-2017-6610 Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system.
network
low complexity
cisco CWE-20
7.7
2017-04-20 CVE-2017-6609 Unspecified vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system.
network
low complexity
cisco
7.7
2017-04-20 CVE-2017-6608 Unspecified vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system.
network
low complexity
cisco
8.6
2017-04-20 CVE-2017-6607 Unspecified vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device's local DNS cache.
network
high complexity
cisco
8.7
2017-04-20 CVE-2017-3863 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS and IOS XE
Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition.
network
low complexity
cisco CWE-119
8.6