Vulnerabilities > Cisco
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-05-29 | CVE-2015-0756 | Improper Input Validation vulnerability in Cisco Wireless LAN Controller 7.4(1.1) Cisco Wireless LAN Controller (WLC) devices with software 7.4(1.1) allow remote attackers to cause a denial of service (wireless-networking outage) via crafted TCP traffic on the local network, aka Bug ID CSCug67104. | 6.1 |
2015-05-29 | CVE-2015-0755 | Improper Access Control vulnerability in Cisco Anyconnect Secure Mobility Client 4.0(64) The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secure Mobility Client 4.0(64), allows local users to gain privileges via unspecified commands, aka Bug ID CSCut05797. | 6.8 |
2015-05-29 | CVE-2015-0754 | Improper Input Validation vulnerability in Cisco Finesse 10.5(1)Base Cisco Finesse 10.5(1) allows remote authenticated users to obtain sensitive information or cause a denial of service (CPU and memory consumption) via a crafted XML document, aka Bug ID CSCut95810. | 7.5 |
2015-05-29 | CVE-2015-0753 | Improper Input Validation vulnerability in Cisco Unified web and E-Mail Interaction Manager 9.0(2) SQL injection vulnerability in Cisco Unified Email Interaction Manager (EIM) and Unified Web Interaction Manager (WIM) 9.0(2) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028. | 6.8 |
2015-05-29 | CVE-2015-0752 | Cross-site Scripting vulnerability in Cisco Telepresence Video Communication Server X8.5.1 Cross-site scripting (XSS) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut27635. | 4.3 |
2015-05-29 | CVE-2015-0751 | Improper Input Validation vulnerability in Cisco Unified Communications Manager 10.3(1) Cisco IP Phone 7861, when firmware from Cisco Unified Communications Manager 10.3(1) is used, allows remote attackers to cause a denial of service via crafted packets, aka Bug ID CSCus81800. | 7.8 |
2015-05-25 | CVE-2015-0722 | Resource Management Errors vulnerability in Cisco Telepresence TC Software and Telepresence TE Software The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952. | 7.8 |
2015-05-25 | CVE-2015-0713 | Permissions, Privileges, and Access Controls vulnerability in Cisco products The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855. | 9.0 |
2015-05-25 | CVE-2014-2174 | Improper Access Control vulnerability in Cisco Telepresence TC Software and Telepresence TE Software Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651. | 8.3 |
2015-05-23 | CVE-2015-0750 | Permissions, Privileges, and Access Controls vulnerability in Cisco Hosted Collaboration Solution The administrative web interface in Cisco Hosted Collaboration Solution (HCS) 10.6(1) and earlier allows remote authenticated users to execute arbitrary commands via crafted input to unspecified fields, aka Bug ID CSCut02786. | 6.5 |