Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-09 | CVE-2017-3813 | Missing Authorization vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user. | 7.8 |
| 2017-02-09 | CVE-2017-3807 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow. | 8.8 |
| 2017-02-03 | CVE-2017-3824 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS XE 3.16.0/3.16.1/3.17.0 A vulnerability in the handling of list headers in Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition. | 6.8 |
| 2017-02-03 | CVE-2017-3822 | Improper Input Validation vulnerability in Cisco Firepower Threat Defense 6.1.0 A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. | 5.3 |
| 2017-02-03 | CVE-2017-3820 | Improper Initialization vulnerability in Cisco IOS XE 3.13.6S/3.16.2S/3.17.1S A vulnerability in Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software Release 3.13.6S, 3.16.2S, or 3.17.1S could allow an authenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. | 6.5 |
| 2017-02-03 | CVE-2017-3818 | Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware 9.7.1066 A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device, aka a Malformed MIME Header Filtering Bypass. | 5.8 |
| 2017-02-03 | CVE-2017-3814 | Improper Input Validation vulnerability in Cisco Firepower Management Center A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certain web content, aka a URL Bypass. | 5.8 |
| 2017-02-03 | CVE-2017-3812 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco Industrial Ethernet 2000 Series Firmware 15.2(5.4.32I)E2 A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to a system memory leak. | 6.8 |
| 2017-02-03 | CVE-2017-3810 | Open Redirect vulnerability in Cisco Prime Service Catalog 10.0(R2)Base A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. | 5.4 |
| 2017-02-03 | CVE-2017-3809 | Improper Input Validation vulnerability in Cisco Firepower Management Center 6.1.0/6.2.0 A vulnerability in the Policy deployment module of the Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to prevent deployment of a complete and accurate rule base. | 5.8 |