Vulnerabilities > Cisco

DATE CVE VULNERABILITY TITLE RISK
2013-11-13 CVE-2013-6684 Improper Input Validation vulnerability in Cisco Wireless LAN Controller
The web framework on Cisco Wireless LAN Controller (WLC) devices does not properly validate configuration parameters, which allows remote authenticated users to cause a denial of service via a crafted HTTP request, aka Bug ID CSCuh81011.
network
low complexity
cisco CWE-20
6.8
2013-11-13 CVE-2013-6683 Improper Input Validation vulnerability in Cisco NX-OS
The IPv6 implementation in Cisco NX-OS does not properly handle neighbor-table adjacencies, which allows remote attackers to cause a denial of service (NS processing outage) via a series of malformed packets, aka Bug ID CSCtd15904.
low complexity
cisco CWE-20
6.1
2013-11-13 CVE-2013-5552 Permissions, Privileges, and Access Controls vulnerability in Cisco IOS
Cisco IOS 12.4(24)MDB9 and earlier on Content Services Gateway (CSG) devices does not properly implement the "parse error drop" feature, which allows remote attackers to bypass intended access restrictions via a crafted series of packets, aka Bug ID CSCug90143.
network
low complexity
cisco CWE-264
6.4
2013-11-08 CVE-2013-5566 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Cisco NX-OS
Cisco NX-OS 5.0 and earlier on MDS 9000 devices allows remote attackers to cause a denial of service (supervisor CPU consumption) via Authentication Header (AH) authentication in a Virtual Router Redundancy Protocol (VRRP) frame, aka Bug ID CSCte27874.
network
low complexity
cisco CWE-119
5.0
2013-11-08 CVE-2013-5565 Buffer Errors vulnerability in Cisco IOS XR 5.1.0
The OSPFv3 functionality in Cisco IOS XR 5.1 allows remote attackers to cause a denial of service (process crash) via a malformed LSA Type-1 packet, aka Bug ID CSCuj82176.
network
cisco CWE-119
4.3
2013-11-08 CVE-2013-5558 Credentials Management vulnerability in Cisco TelePresence VX Clinical Assistant 1.2
The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access via the administrative interface, aka Bug ID CSCuj17238.
network
low complexity
cisco CWE-255
critical
10.0
2013-11-08 CVE-2013-5554 Path Traversal vulnerability in Cisco Wide Area Application Services Mobile
Directory traversal vulnerability in the web-management interface in the server in Cisco Wide Area Application Services (WAAS) Mobile before 3.5.5 allows remote attackers to upload and execute arbitrary files via a crafted POST request, aka Bug ID CSCuh69773.
network
low complexity
cisco CWE-22
7.5
2013-11-08 CVE-2013-5553 Resource Management Errors vulnerability in Cisco IOS 15.1
Multiple memory leaks in Cisco IOS 15.1 before 15.1(4)M7 allow remote attackers to cause a denial of service (memory consumption or device reload) by sending a crafted SIP message over (1) IPv4 or (2) IPv6, aka Bug IDs CSCuc42558 and CSCug25383.
network
low complexity
cisco CWE-399
7.8
2013-11-06 CVE-2013-5563 Cross-Site Scripting vulnerability in Cisco Security Monitoring Analysis and Response System
Cross-site scripting (XSS) vulnerability in Query/NewQueryResult.jsp in Cisco Security Monitoring, Analysis and Response System (CS-MARS) allows remote attackers to inject arbitrary web script or HTML via the isnowLatency parameter, aka Bug ID CSCul16173.
network
cisco CWE-79
4.3
2013-11-06 CVE-2013-5562 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Cisco Prime Central for Hosted Collaboration Solution
The ITM web server in Cisco Prime Central for Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (temporary HTTP service outage) via a flood of TCP packets, aka Bug ID CSCuh36313.
network
low complexity
cisco CWE-119
5.0