Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-08-19 | CVE-2015-4301 | Resource Management Errors vulnerability in Cisco Nx-Os 11.1(1C) Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225. | 6.8 |
| 2015-08-19 | CVE-2015-4299 | Improper Access Control vulnerability in Cisco Unified web and E-Mail Interaction Manager 9.0(2) Cisco Unified Web and E-Mail Interaction Manager 9.0(2) improperly performs authorization, which allows remote authenticated users to remove default messaging-queue system folders via unspecified vectors, aka Bug ID CSCuo89046. | 5.5 |
| 2015-08-19 | CVE-2015-4298 | Improper Access Control vulnerability in Cisco Unified web and E-Mail Interaction Manager 11.0(1)/9.0(2) Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, aka Bug ID CSCuo89056. | 6.5 |
| 2015-08-19 | CVE-2015-4302 | Improper Access Control vulnerability in Cisco Firesight System Software 5.3.1.4 The web interface in Cisco FireSIGHT Management Center 5.3.1.4 allows remote attackers to delete arbitrary system policies via modified parameters in a POST request, aka Bug ID CSCuu25390. | 6.4 |
| 2015-08-19 | CVE-2015-4297 | Open Redirection vulnerability in Cisco WebEx Node for MCS Open redirect vulnerability in Cisco WebEx Node for Media Convergence Server (MCS) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted HTTP request parameters, aka Bug ID CSCuv32136. network cisco | 5.8 |
| 2015-08-01 | CVE-2015-4295 | Information Exposure vulnerability in Cisco Unified Communications Manager 10.5(3.10000.9) The Prime Collaboration Deployment component in Cisco Unified Communications Manager 10.5(3.10000.9) allows remote authenticated users to discover root credentials via a direct request to an unspecified URL, aka Bug ID CSCuv21819. | 4.0 |
| 2015-08-01 | CVE-2015-4294 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager IM and Presence Service 10.5(1)/9.0(1)/9.1(1) Cross-site scripting (XSS) vulnerability in Cisco IM and Presence Service before 10.5 MR1 allows remote attackers to inject arbitrary web script or HTML by constructing a crafted URL that leverages incomplete filtering of HTML elements, aka Bug ID CSCut41766. | 4.3 |
| 2015-08-01 | CVE-2015-4292 | Cross-site Scripting vulnerability in Cisco Prime Central for Hosted Collaboration Solution Assurance 10.6(2) Cross-site scripting (XSS) vulnerability in the management interface in Cisco Prime Central for Hosted Collaboration Solution (PC4HCS) 10.6(2) allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuv45818. | 4.3 |
| 2015-08-01 | CVE-2015-4291 | Resource Management Errors vulnerability in Cisco IOS XE Cisco IOS XE 2.x before 2.4.3 and 2.5.x before 2.5.1 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted series of fragmented (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCtd72617. | 7.8 |
| 2015-08-01 | CVE-2015-4289 | Path Traversal vulnerability in Cisco Anyconnect Secure Mobility Client 4.0(2049) Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.0(2049) allows remote head-end systems to write to arbitrary files via a crafted configuration attribute, aka Bug ID CSCut93920. | 6.4 |