Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-06-12 | CVE-2015-0773 | Permissions, Privileges, and Access Controls vulnerability in Cisco Firesight System Software 5.3.1.1/6.0.0 Cisco FireSIGHT System Software 5.3.1.3 and 6.0.0 allows remote authenticated users to delete an arbitrary user's dashboard via a modified VPN deletion request in a management session, aka Bug ID CSCut67078. | 5.5 |
| 2015-06-12 | CVE-2015-0771 | Resource Management Errors vulnerability in Cisco IOS 12.2(33)Sxj8/12.2Sxj The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service (device reload) by sending a crafted message during IPsec tunnel setup, aka Bug ID CSCur70505. | 6.3 |
| 2015-06-12 | CVE-2015-0737 | Cross-site Scripting vulnerability in Cisco Firesight System Software 5.3.1.1 Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT System Software 5.3.1.1 allow remote attackers to inject arbitrary web script or HTML via a crafted (1) GET or (2) POST parameter, aka Bug ID CSCuu11099. | 4.3 |
| 2015-06-07 | CVE-2015-0770 | Improper Input Validation vulnerability in Cisco Telepresence TC Software CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341. | 5.0 |
| 2015-06-07 | CVE-2015-0767 | Permissions, Privileges, and Access Controls vulnerability in Cisco Edge 340 Firmware 1.0.0/1.1.0 Cisco Edge 300 software 1.0 and 1.1 on Edge 340 devices allows local users to obtain root privileges via unspecified commands, aka Bug ID CSCur18132. | 7.2 |
| 2015-06-04 | CVE-2015-0766 | Cross-site Scripting vulnerability in Cisco Firesight System Software 6.0.0 Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in the Management Center component in Cisco FireSIGHT System Software 6.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified fields, aka Bug IDs CSCus93566, CSCut31557, and CSCut47196. | 4.3 |
| 2015-06-04 | CVE-2015-0765 | Resource Management Errors vulnerability in Cisco ONS 15454 System Software 10.30/10.301 Cisco ONS 15454 System Software 10.30 and 10.301 allows remote attackers to cause a denial of service (tNetTask CPU consumption or card reset) via a flood of (1) IP or (2) Ethernet traffic, aka Bug ID CSCus57263. | 5.0 |
| 2015-06-04 | CVE-2015-0764 | Information Exposure vulnerability in Cisco Unified Meetingplace 8.6(1.9) Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via a crafted resource request, aka Bug ID CSCus95603. | 5.0 |
| 2015-06-04 | CVE-2015-0763 | Information Exposure vulnerability in Cisco Unified Meetingplace 8.6(1.2) Cisco Unified MeetingPlace 8.6(1.2) does not properly validate session IDs in http URLs, which allows remote attackers to obtain sensitive session information via a crafted URL, aka Bug ID CSCuu60338. | 5.0 |
| 2015-06-04 | CVE-2015-0762 | Cross-site Scripting vulnerability in Cisco Unified Meetingplace 8.6(1.2)/8.6(1.9) Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) for Microsoft Outlook allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCuu51400. | 4.3 |