Vulnerabilities > Cisco

DATE CVE VULNERABILITY TITLE RISK
2015-09-20 CVE-2015-4307 Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Collaboration Provisioning
The web framework in Cisco Prime Collaboration Provisioning before 11.0 allows remote authenticated users to bypass intended access restrictions and create administrative accounts via a crafted URL, aka Bug ID CSCut64111.
network
low complexity
cisco CWE-264
critical
 9.0
9.0
2015-09-20 CVE-2015-4306 Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Collaboration Assurance
The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended login-session read restrictions, and impersonate administrators of arbitrary tenant domains, by discovering a session identifier and constructing a crafted URL, aka Bug IDs CSCus88343 and CSCus88334.
network
cisco CWE-264
8.5
8.5
2015-09-20 CVE-2015-4305 Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Collaboration Assurance
The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended system-database read restrictions, and discover credentials or SNMP communities for arbitrary tenant domains, via a crafted URL, aka Bug ID CSCus62656.
network
low complexity
cisco CWE-264
4.0
4.0
2015-09-20 CVE-2015-4304 Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Collaboration Assurance
The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended access restrictions, and create administrative accounts or read data from arbitrary tenant domains, via a crafted URL, aka Bug IDs CSCus62671 and CSCus62652.
network
low complexity
cisco CWE-264
critical
 9.0
9.0
2015-09-18 CVE-2015-6297 Resource Management Errors vulnerability in Cisco IOS XR 5.2.0Base
The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun36525.
network
low complexity
cisco CWE-399
5.0
5.0
2015-09-18 CVE-2015-6296 Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Network Registrar 8.1.3.3/8.2.3/8.3.2
Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allows local users to obtain root access by leveraging knowledge of the credentials, aka Bug ID CSCuw21825.
local
low complexity
cisco CWE-264
7.2
7.2
2015-09-18 CVE-2015-6294 Resource Management Errors vulnerability in Cisco IOS and IOS XE
Cisco IOS 15.2(3)E and earlier and IOS XE 3.6(2)E and earlier allow remote attackers to cause a denial of service (functionality loss) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuu25770.
low complexity
cisco CWE-399
6.1
6.1
2015-09-14 CVE-2015-6290 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco web Security Virtual Appliance
Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426.
network
cisco CWE-119
4.3
4.3
2015-09-14 CVE-2015-6288 Resource Management Errors vulnerability in Cisco Content Security Management Appliance 7.8Base
Cisco Content Security Management Appliance (SMA) 7.8.0-000 does not properly validate credentials, which allows remote attackers to cause a denial of service (rapid log-file rollover and application fault) via crafted HTTP requests, aka Bug ID CSCuw09620.
network
low complexity
cisco CWE-399
5.0
5.0
2015-09-14 CVE-2015-6287 Resource Management Errors vulnerability in Cisco web Security Virtual Appliance 8.0.5/8.0.6/8.0Base
Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a flood of TCP traffic that leads to DNS resolution delays, aka Bug IDs CSCur32005 and CSCur07907.
network
low complexity
cisco CWE-399
5.0
5.0