Vulnerabilities > Cisco
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-10-02 | CVE-2012-4095 | Improper Input Validation vulnerability in Cisco Unified Computing System The local file editor in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges, and read or modify arbitrary files, via unspecified key bindings, aka Bug ID CSCtn04521. | 5.5 |
2013-10-01 | CVE-2013-5516 | Resource Management Errors vulnerability in Cisco Telepresence Multipoint Switch The Media Snapshot implementation on Cisco TelePresence Multipoint Switch (CTMS) devices allows remote authenticated users to cause a denial of service (device reload) by sending many Media Snapshot requests at the time of a meeting termination, aka Bug ID CSCuh44796. | 6.3 |
2013-10-01 | CVE-2012-4096 | Improper Input Validation vulnerability in Cisco Unified Computing System The local file editor in the Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the context of a vi process, via unspecified commands, aka Bug ID CSCtn06574. | 6.2 |
2013-09-30 | CVE-2013-5505 | Cross-Site Scripting vulnerability in Cisco Identity Services Engine Software Cross-site scripting (XSS) vulnerability in an administration page in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui30275. | 4.3 |
2013-09-30 | CVE-2013-5504 | Cross-Site Scripting vulnerability in Cisco Identity Services Engine Software Cross-site scripting (XSS) vulnerability in the Mobile Device Management (MDM) portal in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui30266. | 4.3 |
2013-09-30 | CVE-2013-3417 | Improper Authentication vulnerability in Cisco Video Surveillance Operations Manager The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262. | 5.0 |
2013-09-27 | CVE-2013-5498 | Improper Input Validation vulnerability in Cisco IOS XR The PPTP-ALG component in CRS Carrier Grade Services Engine (CGSE) and ASR 9000 Integrated Service Module (ISM) in Cisco IOS XR allows remote attackers to cause a denial of service (module reset) via crafted packet streams, aka Bug ID CSCue91963. | 5.0 |
2013-09-27 | CVE-2012-1313 | Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Computing System The remote debug shell on the PALO adapter card in Cisco Unified Computing System (UCS) allows local users to gain privileges via malformed show-macstats parameters, aka Bug ID CSCub13772. | 6.5 |
2013-09-27 | CVE-2013-5481 | Improper Input Validation vulnerability in Cisco IOS The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted TCP port-1723 packets, aka Bug ID CSCtq14817. | 7.1 |
2013-09-27 | CVE-2013-5480 | Improper Input Validation vulnerability in Cisco IOS The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka Bug ID CSCuf28733. | 7.8 |