Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-09-18 | CVE-2016-6403 | Resource Management Errors vulnerability in Cisco IOS The Data in Motion (DMo) application in Cisco IOS 15.6(1)T and IOS XE, when the IOx feature set is enabled, allows remote attackers to cause a denial of service via a crafted packet, aka Bug IDs CSCuy82904, CSCuy82909, and CSCuy82912. | 4.3 |
| 2016-09-18 | CVE-2016-6402 | Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Computing System UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263. | 7.2 |
| 2016-09-18 | CVE-2016-1433 | Resource Management Errors vulnerability in Cisco IOS XR 6.0.0/6.0.1/6.0Base Cisco IOS XR 6.0 and 6.0.1 on NCS 6000 devices allows remote attackers to cause a denial of service (OSPFv3 process reload) via crafted OSPFv3 packets, aka Bug ID CSCuz66289. | 5.0 |
| 2016-09-17 | CVE-2016-1482 | OS Command Injection vulnerability in Cisco Webex Meetings Server 2.6.0 Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arbitrary commands by injecting these commands into an application script, aka Bug ID CSCuy83130. | 9.3 |
| 2016-09-17 | CVE-2016-6407 | Resource Management Errors vulnerability in Cisco web Security Appliance Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219. | 5.0 |
| 2016-09-17 | CVE-2016-6401 | Resource Management Errors vulnerability in Cisco Carrier Routing System 5.1.4/5.1Base Cisco Carrier Routing System (CRS) 5.1 and 5.1.4, as used in CRS Carrier Grade Services for CRS-1 and CRS-3 devices, allows remote attackers to cause a denial of service (line-card reload) via crafted IPv6-over-MPLS packets, aka Bug ID CSCva32494. | 5.7 |
| 2016-09-12 | CVE-2016-6399 | Improper Input Validation vulnerability in Cisco products Cisco ACE30 Application Control Engine Module through A5 3.3 and ACE 4700 Application Control Engine appliances through A5 3.3 allow remote attackers to cause a denial of service (device reload) via crafted (1) SSL or (2) TLS packets, aka Bug ID CSCvb16317. | 7.8 |
| 2016-09-12 | CVE-2016-6398 | Information Exposure vulnerability in Cisco IOS 15.5(3)M The PPTP server in Cisco IOS 15.5(3)M does not properly initialize packet buffers, which allows remote attackers to obtain sensitive information from earlier network communication by reading packet data, aka Bug ID CSCvb16274. | 5.0 |
| 2016-09-12 | CVE-2016-6396 | Improper Input Validation vulnerability in Cisco Firesight System Software Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482. | 5.0 |
| 2016-09-12 | CVE-2016-6395 | Cross-site Scripting vulnerability in Cisco Firesight System Software Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz58658. | 3.5 |