Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-06-17 | CVE-2015-4183 | OS Command Injection vulnerability in Cisco Unified Computing System 1.2(1A) Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution via a crafted CLI parameter, aka Bug ID CSCut32795. | 7.2 |
| 2015-06-13 | CVE-2015-4185 | Permissions, Privileges, and Access Controls vulnerability in Cisco IOS 15.2(4)M6/15.2M The TCL interpreter in Cisco IOS 15.2 does not properly maintain the vty state, which allows local users to gain privileges by starting a session very soon after a TCL script execution, aka Bug ID CSCuq24202. | 6.9 |
| 2015-06-13 | CVE-2015-4184 | Improper Input Validation vulnerability in Cisco Email Security Appliance 3.33109/7.5.1Gpl022/8.5.6074 The anti-spam scanner on Cisco Email Security Appliance (ESA) devices 3.3.1-09, 7.5.1-gpl-022, and 8.5.6-074 allows remote attackers to bypass intended e-mail restrictions via a malformed DNS SPF record, aka Bug IDs CSCuu35853 and CSCuu37733. | 5.0 |
| 2015-06-12 | CVE-2015-4182 | Permissions, Privileges, and Access Controls vulnerability in Cisco Identity Services Engine Software The administrative web interface in Cisco Identity Services Engine (ISE) before 1.3 allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or change settings, via unspecified vectors, aka Bug ID CSCui72087. | 5.5 |
| 2015-06-12 | CVE-2015-0776 | Resource Management Errors vulnerability in Cisco IOS XR 5.0.1 telnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (device reload) via a malformed TELNET packet, aka Bug ID CSCuq31566. | 5.0 |
| 2015-06-12 | CVE-2015-0775 | Resource Management Errors vulnerability in Cisco MDS 9000 Nx-Os, Nexus 1000V and Nx-Os The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182. | 5.0 |
| 2015-06-12 | CVE-2015-0772 | Resource Management Errors vulnerability in Cisco Telepresence Video Communication Server Software X8.5 Cisco TelePresence Video Communication Server (VCS) X8.5RC4 allows remote attackers to cause a denial of service (CPU consumption or device outage) via a crafted SDP parameter-negotiation request in an SDP session during a SIP connection, aka Bug ID CSCut42422. | 7.1 |
| 2015-06-12 | CVE-2015-0769 | Resource Management Errors vulnerability in Cisco IOS XR Software Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service (NPU ASIC scan and line-card reload) via crafted IPv6 extension headers, aka Bug ID CSCtx03546. | 7.8 |
| 2015-06-12 | CVE-2015-0768 | Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Network Control System 2.1(0.0.85)/2.2(0.0.58)/2.2(0.0.69) The Device Work Center (DWC) component in Cisco Prime Network Control System (NCS) 2.1(0.0.85), 2.2(0.0.58), and 2.2(0.0.69) does not properly implement AAA roles, which allows remote authenticated users to bypass intended access restrictions and execute commands via a login session, aka Bug ID CSCur27371. | 6.5 |
| 2015-06-12 | CVE-2015-0774 | Cross-site Scripting vulnerability in Cisco Application and Content Networking System Software 5.5(9) Cross-site scripting (XSS) vulnerability in Cisco Application and Content Networking System (ACNS) 5.5(9) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuu70650. | 4.3 |