Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-14 | CVE-2016-9199 | Path Traversal vulnerability in Cisco IOX 1.1.0 A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. | 6.5 |
| 2016-12-14 | CVE-2016-9198 | Resource Management Errors vulnerability in Cisco Identity Services Engine 1.2(1.199) A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack. | 7.5 |
| 2016-12-14 | CVE-2016-9193 | Improper Input Validation vulnerability in Cisco products A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. | 7.5 |
| 2016-12-14 | CVE-2016-9192 | Permissions, Privileges, and Access Controls vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. | 7.8 |
| 2016-12-14 | CVE-2016-6474 | Improper Authentication vulnerability in Cisco IOS 15.5(2.25)T A vulnerability in the implementation of X.509 Version 3 for SSH authentication functionality in Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on an affected system. | 7.3 |
| 2016-12-14 | CVE-2016-6473 | Injection vulnerability in Cisco IOS A vulnerability in Cisco IOS on Catalyst Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm. | 6.5 |
| 2016-12-14 | CVE-2016-6471 | Information Exposure vulnerability in Cisco Firesight System Software 5.4.1.6 A vulnerability in the web-based management interface of Cisco Firepower Management Center running FireSIGHT System software could allow an authenticated, remote attacker to view the Remote Storage Password. | 6.5 |
| 2016-12-14 | CVE-2016-6470 | Permissions, Privileges, and Access Controls vulnerability in Cisco Hybrid Media Service 1.0Base A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. | 7.8 |
| 2016-12-14 | CVE-2016-6469 | Resource Management Errors vulnerability in Cisco web Security Appliance 9.0.1162/9.1.1074 A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process unexpectedly restarting. | 7.5 |
| 2016-12-14 | CVE-2016-6468 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Emergency Responder 11.5(1.10000.4) A vulnerability in the web-based management interface of Cisco Emergency Responder could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |