Vulnerabilities > Cisco

DATE CVE VULNERABILITY TITLE RISK
2015-10-08 CVE-2015-6311 Resource Management Errors vulnerability in Cisco Wireless LAN Controller 7.0(240.0)/7.3(101.0)/7.4(1.19)
Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0), 7.3(101.0), and 7.4(1.19) allow remote attackers to cause a denial of service (device outage) by sending malformed 802.11i management data to a managed access point, aka Bug ID CSCub65236.
low complexity
cisco CWE-399
6.1
2015-10-08 CVE-2015-6310 Resource Management Errors vulnerability in Cisco Unified Communications Manager IM and Presence Service 11.5(1)
The REST interface in Cisco Unified Communications Manager IM and Presence Service 11.5(1) allows remote attackers to cause a denial of service (SIP proxy service restart) via a crafted HTTP request, aka Bug ID CSCuw31632.
network
low complexity
cisco CWE-399
5.0
2015-10-06 CVE-2015-7600 Permissions, Privileges, and Access Controls vulnerability in Cisco VPN Client
Cisco VPN Client 5.x through 5.0.07.0440 uses weak permissions for vpnclient.ini, which allows local users to gain privileges by entering an arbitrary program name in the Command field of the ApplicationLauncher section.
local
low complexity
cisco CWE-264
7.2
2015-10-02 CVE-2015-6309 Resource Management Errors vulnerability in Cisco products
Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows remote authenticated users to cause a denial of service (file-descriptor consumption and device reload) via crafted HTTP requests, aka Bug ID CSCuw32211.
network
low complexity
cisco CWE-399
6.8
2015-10-02 CVE-2015-6308 Resource Management Errors vulnerability in Cisco NX-OS 6.0(2)U6(0.46)
Cisco NX-OS 6.0(2)U6(0.46) on N3K devices allows remote authenticated users to cause a denial of service (temporary SNMP outage) via an SNMP request for an OID that does not exist, aka Bug ID CSCuw36684.
network
low complexity
cisco CWE-399
4.0
2015-09-28 CVE-2015-6307 Resource Management Errors vulnerability in Cisco Firepower 5.4.0.1
Cisco FirePOWER (formerly Sourcefire) 7000 and 8000 devices with software 5.4.0.1 allow remote attackers to cause a denial of service (inspection-engine outage) via crafted packets, aka Bug ID CSCuu10871.
low complexity
cisco CWE-399
6.1
2015-09-28 CVE-2015-6280 Improper Authentication vulnerability in Cisco IOS and IOS XE
The SSHv2 functionality in Cisco IOS 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.6E before 3.6.3E, 3.7E before 3.7.1E, 3.10S before 3.10.6S, 3.11S before 3.11.4S, 3.12S before 3.12.3S, 3.13S before 3.13.3S, and 3.14S before 3.14.1S does not properly implement RSA authentication, which allows remote attackers to obtain login access by leveraging knowledge of a username and the associated public key, aka Bug ID CSCus73013.
network
cisco CWE-287
critical
9.3
2015-09-28 CVE-2015-6279 Improper Input Validation vulnerability in Cisco IOS and IOS XE
The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S allows remote attackers to cause a denial of service (device reload) via a malformed ND packet with the Cryptographically Generated Address (CGA) option, aka Bug ID CSCuo04400.
network
low complexity
cisco CWE-20
7.8
2015-09-28 CVE-2015-6278 Improper Input Validation vulnerability in Cisco IOS and IOS XE
The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S does not properly implement the Control Plane Protection (aka CPPr) feature, which allows remote attackers to cause a denial of service (device reload) via a flood of ND packets, aka Bug ID CSCus19794.
network
low complexity
cisco CWE-20
7.8
2015-09-26 CVE-2015-6306 Permissions, Privileges, and Access Controls vulnerability in Cisco AnyConnect Secure Mobility Client 4.1(8)
Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before installation actions, which allows local users to obtain root privileges via a crafted installation file, aka Bug ID CSCuv11947.
local
low complexity
cisco apple linux CWE-264
7.2