Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-03 | CVE-2017-3806 | OS Command Injection vulnerability in Cisco Firepower Threat Defense A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. | 5.3 |
| 2017-02-01 | CVE-2017-3792 | Improper Input Validation vulnerability in Cisco Telepresence MCU Software A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. | 9.8 |
| 2017-02-01 | CVE-2017-3791 | Improper Authentication vulnerability in Cisco Prime Home A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges. | 10.0 |
| 2017-02-01 | CVE-2017-3790 | Improper Input Validation vulnerability in Cisco products A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service (DoS) condition. | 8.6 |
| 2017-02-01 | CVE-2016-9225 | Resource Management Errors vulnerability in Cisco ASA CX Context-Aware Security Software A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. | 8.6 |
| 2017-02-01 | CVE-2017-3823 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. | 8.8 |
| 2017-01-26 | CVE-2017-3805 | Information Exposure vulnerability in Cisco IOX 1.0(0) A vulnerability in the web-based management interface of Cisco IOS and Cisco IOx Software could allow an unauthenticated, remote attacker to view confidential information that is displayed without authenticating to the device. | 5.3 |
| 2017-01-26 | CVE-2017-3804 | Unspecified vulnerability in Cisco Nx-Os A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches software could allow an unauthenticated, adjacent attacker to cause a reload of the affected device. high complexity cisco | 6.1 |
| 2017-01-26 | CVE-2017-3803 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS 15.2(2)E3/15.2(4)E1 A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial of service (DoS) condition. | 4.7 |
| 2017-01-26 | CVE-2017-3802 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager 12.0(0.99000.9) A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 6.1 |