Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-05-02 | CVE-2014-2159 | Improper Input Validation vulnerability in Cisco products The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCtq78722. | 7.8 |
| 2014-05-02 | CVE-2014-2158 | Improper Input Validation vulnerability in Cisco products Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45720. | 7.8 |
| 2014-05-02 | CVE-2014-2157 | Improper Input Validation vulnerability in Cisco products Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45733. | 7.1 |
| 2014-05-02 | CVE-2014-2156 | Improper Input Validation vulnerability in Cisco products Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45739. | 7.1 |
| 2014-04-30 | CVE-2014-2186 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Webex Meetings Server Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj81777. | 6.8 |
| 2014-04-29 | CVE-2014-2185 | Information Exposure vulnerability in Cisco Unified Communications Manager The Call Detail Records (CDR) Management component in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCun74374. | 4.0 |
| 2014-04-29 | CVE-2014-2184 | Improper Input Validation vulnerability in Cisco Unified Communications Manager The IP Manager Assistant (IPMA) component in Cisco Unified Communications Manager (Unified CM) allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCun74352. | 5.0 |
| 2014-04-29 | CVE-2014-2183 | Improper Input Validation vulnerability in Cisco products The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973. | 6.3 |
| 2014-04-29 | CVE-2014-2180 | Improper Input Validation vulnerability in Cisco products The Document Management component in Cisco Unified Contact Center Express does not properly validate a parameter, which allows remote authenticated users to upload files to arbitrary pathnames via a crafted HTTP request, aka Bug ID CSCun74133. | 4.0 |
| 2014-04-24 | CVE-2012-5723 | Improper Input Validation vulnerability in Cisco products Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948. | 6.1 |