Vulnerabilities > Cisco
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-10-16 | CVE-2013-5535 | Credentials Management vulnerability in Cisco products The analytics page on Cisco Video Surveillance 4000 IP cameras has hardcoded credentials, which allows remote attackers to watch the video feed by leveraging knowledge of the password, aka Bug IDs CSCuj70402 and CSCuj70419. | 6.4 |
2013-10-16 | CVE-2013-5529 | Improper Input Validation vulnerability in Cisco Webex Meetings Server The deployment module in the server in Cisco WebEx Meeting Center does not properly validate the passphrase, which allows remote attackers to launch a deployment or cause a denial of service (deployment interruption) via a direct request, aka Bug ID CSCuf52200. | 6.8 |
2013-10-14 | CVE-2012-4121 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os Cisco NX-OS allows local users to gain privileges, and read or modify arbitrary files, via the sed (1) r and (2) w commands, aka Bug IDs CSCts56559, CSCts56565, CSCts56570, and CSCts56574. | 6.8 |
2013-10-14 | CVE-2012-4099 | Improper Input Validation vulnerability in Cisco Nx-Os The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka Bug ID CSCtn13065. | 4.3 |
2013-10-14 | CVE-2012-4097 | Improper Input Validation vulnerability in Cisco Nx-Os The BGP implementation in Cisco NX-OS does not properly filter segment types in AS paths, which allows remote attackers to cause a denial of service (BGP service reset) via a malformed UPDATE message, aka Bug ID CSCtn13043. | 4.3 |
2013-10-14 | CVE-2012-4077 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nx-Os Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via the sed e option, aka Bug IDs CSCtf25457 and CSCtf27651. | 6.8 |
2013-10-14 | CVE-2012-4076 | Improper Input Validation vulnerability in Cisco Nx-Os Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in a command that calls the system library function, aka Bug IDs CSCtf23559 and CSCtf27780. | 6.8 |
2013-10-13 | CVE-2013-5506 | Permissions, Privileges, and Access Controls vulnerability in Cisco Firewall Services Module Software The authorization functionality in Cisco Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(25) and 4.x before 4.1(13), when multiple-context mode is enabled, allows local users to read or modify any context's configuration via unspecified commands, aka Bug ID CSCue46080. | 6.6 |
2013-10-13 | CVE-2012-4108 | OS Command Injection vulnerability in Cisco Unified Computing System The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary operating-system commands via crafted parameters to a file-related command, aka Bug ID CSCtq86554. | 6.8 |
2013-10-13 | CVE-2012-4107 | Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Computing System The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary commands via crafted parameters to a file-related command, aka Bug ID CSCtq86489. | 4.6 |