Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-20 | CVE-2016-6368 | Resource Management Errors vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. | 8.6 |
| 2017-04-07 | CVE-2017-6606 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated attacker with physical access to the targeted system to execute arbitrary commands on the underlying operating system with the privileges of the root user. | 6.4 |
| 2017-04-07 | CVE-2017-6604 | Open Redirect vulnerability in Cisco Unified Computing System 2.2(8B)/3.0(1C)/3.1(2C)B A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. | 6.1 |
| 2017-04-07 | CVE-2017-6603 | Unspecified vulnerability in Cisco ASR 900 Series Firmware 15.4(3)S3.15 A vulnerability in Cisco ASR 903 or ASR 920 Series Devices running with an RSP2 card could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on a targeted system because of incorrect IPv6 Packet Processing. low complexity cisco | 6.5 |
| 2017-04-07 | CVE-2017-6602 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. | 4.4 |
| 2017-04-07 | CVE-2017-6601 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. | 7.1 |
| 2017-04-07 | CVE-2017-6600 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. | 7.8 |
| 2017-04-07 | CVE-2017-6599 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS XR 6.1.1/6.2.1 A vulnerability in Google-defined remote procedure call (gRPC) handling in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash due to a system memory leak, resulting in a denial of service (DoS) condition. | 5.3 |
| 2017-04-07 | CVE-2017-6598 | Missing Authorization vulnerability in Cisco products A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to execute arbitrary commands, aka Privilege Escalation. | 6.7 |
| 2017-04-07 | CVE-2017-6597 | OS Command Injection vulnerability in Cisco products A vulnerability in the local-mgmt CLI command of the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to perform a command injection attack. | 7.8 |