Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-15 | CVE-2017-3831 | Improper Authentication vulnerability in Cisco Aironet Access Point Software A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. | 9.8 |
| 2017-03-15 | CVE-2017-3819 | Missing Authentication for Critical Function vulnerability in Cisco ASR 5000 Series Software and Virtualized Packet Core A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access. | 8.8 |
| 2017-03-01 | CVE-2017-3826 | Improper Input Validation vulnerability in Cisco Netflow Generation Appliance Software A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) with software before 1.1(1a) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service (DoS) condition. | 7.5 |
| 2017-02-22 | CVE-2017-3847 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center 6.2.1 A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. | 5.4 |
| 2017-02-22 | CVE-2017-3845 | Cross-site Scripting vulnerability in Cisco Prime Collaboration Assurance 11.0.0/11.1.0/11.5.0 A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2017-02-22 | CVE-2017-3844 | Improper Input Validation vulnerability in Cisco Prime Collaboration Assurance 11.0.0/11.1.0/11.5.0 A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files. | 4.3 |
| 2017-02-22 | CVE-2017-3843 | Improper Input Validation vulnerability in Cisco Prime Collaboration Assurance 11.0.0/11.1.0/11.5.0 A vulnerability in the file download functions for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to download system files that should be restricted. | 4.3 |
| 2017-02-22 | CVE-2017-3842 | Information Exposure vulnerability in Cisco Intrusion Prevention System Device Manager 7.2(1)V7 A vulnerability in the web-based management interface of the Cisco Intrusion Prevention System Device Manager (IDM) could allow an unauthenticated, remote attacker to view sensitive information stored in certain HTML comments. | 5.3 |
| 2017-02-22 | CVE-2017-3841 | Information Exposure vulnerability in Cisco Secure Access Control System 5.8(2.5) A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to disclose sensitive information. | 7.5 |
| 2017-02-22 | CVE-2017-3840 | Open Redirect vulnerability in Cisco Secure Access Control System 5.8(2.5) A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect Vulnerability. | 6.1 |