Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-01-09 | CVE-2014-8033 | Improper Authentication vulnerability in Cisco Webex Meetings Server The play/modules component in Cisco WebEx Meetings Server allows remote attackers to obtain administrator access via crafted API requests, aka Bug ID CSCuj40421. | 5.0 |
| 2015-01-09 | CVE-2014-8032 | Information Exposure vulnerability in Cisco Webex Meetings Server The OutlookAction LI in Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive encrypted-password information via unspecified vectors, aka Bug IDs CSCuj40453 and CSCuj40449. | 4.0 |
| 2015-01-09 | CVE-2014-8031 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Webex Meetings Server Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj40456. | 6.8 |
| 2015-01-09 | CVE-2014-8030 | Cross-site Scripting vulnerability in Cisco Webex Meetings Server Cross-site scripting (XSS) vulnerability in sendPwMail.do in Cisco WebEx Meetings Server allows remote attackers to inject arbitrary web script or HTML via the email parameter, aka Bug ID CSCuj40381. | 4.3 |
| 2015-01-09 | CVE-2014-8029 | Open Redirection vulnerability in Cisco Secure Access Control Server Open redirect vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCuq74150. network cisco | 5.8 |
| 2015-01-09 | CVE-2014-8028 | Cross-site Scripting vulnerability in Cisco Secure Access Control System Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Secure Access Control System (ACS) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq79019. | 4.3 |
| 2015-01-09 | CVE-2014-8027 | Permissions, Privileges, and Access Controls vulnerability in Cisco Secure Access Control System The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034. | 6.5 |
| 2014-12-24 | CVE-2014-7999 | Permissions, Privileges, and Access Controls vulnerability in Cisco products Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users to install arbitrary firmware by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00478565. | 7.7 |
| 2014-12-24 | CVE-2014-7995 | Permissions, Privileges, and Access Controls vulnerability in Cisco products Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077. | 7.2 |
| 2014-12-24 | CVE-2014-7994 | Improper Input Validation vulnerability in Cisco products Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execute arbitrary commands by leveraging knowledge of a cross-device secret and a per-device secret, and sending a request to an unspecified HTTP handler on the local network, aka Cisco-Meraki defect ID 00301991. | 5.4 |