Vulnerabilities > Cisco
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2013-08-29 | CVE-2013-3472 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager | Cross-site request forgery (CSRF) vulnerability in the Enterprise License Manager (ELM) in Cisco Unified Communications Manager (CM) allows remote attackers to hijack the authentication of arbitrary users for requests that make ELM modifications, aka Bug ID CSCui58210. | 6.8 |
2013-08-29 | CVE-2013-3471 | Credentials Management vulnerability in Cisco Identity Services Engine Software | The captive portal application in Cisco Identity Services Engine (ISE) allows remote attackers to discover cleartext usernames and passwords by leveraging unspecified use of hidden form fields in an HTML document, aka Bug ID CSCug02515. | 4.3 |
2013-08-29 | CVE-2013-3468 | Improper Input Validation vulnerability in Cisco Unified IP Phone 8945 and Unified IP Phone Firmware | The Cisco Unified IP Phone 8945 with software 9.3(2) allows remote attackers to cause a denial of service (device hang) via a malformed PNG file, aka Bug ID CSCud04270. | 7.8 |
2013-08-29 | CVE-2013-3466 | Improper Authentication vulnerability in Cisco Secure Access Control Server | The EAP-FAST authentication module in Cisco Secure Access Control Server (ACS) 4.x before 4.2.1.15.11, when a RADIUS server configuration is enabled, does not properly parse user identities, which allows remote attackers to execute arbitrary commands via crafted EAP-FAST packets, aka Bug ID CSCui57636. | 9.3 |
2013-08-25 | CVE-2013-3462 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Unified Communications Manager | Buffer overflow in Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6, 8.5(x) before 8.5(1)su6, 8.6(x) before 8.6(2a)su3, and 9.x before 9.1(2) allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Bug ID CSCud54358. | 8.5 |
2013-08-25 | CVE-2013-3461 | Resource Management Errors vulnerability in Cisco Unified Communications Manager | Cisco Unified Communications Manager (Unified CM) 8.5(x) and 8.6(x) before 8.6(2a)su3 and 9.x before 9.1(1) does not properly restrict the rate of SIP packets, which allows remote attackers to cause a denial of service (memory and CPU consumption, and service disruption) via a flood of UDP packets to port 5060, aka Bug ID CSCub35869. | 7.1 |
2013-08-25 | CVE-2013-3460 | Resource Management Errors vulnerability in Cisco Unified Communications Manager | Memory leak in Cisco Unified Communications Manager (Unified CM) 8.5(x) before 8.5(1)su6, 8.6(x) before 8.6(2a)su3, and 9.x before 9.1(1) allows remote attackers to cause a denial of service (service disruption) via a high rate of UDP packets, aka Bug ID CSCub85597. | 7.8 |
2013-08-25 | CVE-2013-3459 | Resource Management Errors vulnerability in Cisco Unified Communications Manager | Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6a does not properly handle errors, which allows remote attackers to cause a denial of service (service disruption) via malformed registration messages, aka Bug ID CSCuf93466. | 7.8 |
2013-08-25 | CVE-2013-3390 | Resource Management Errors vulnerability in Cisco Prime Central for Hosted Collaboration Solution Assurance | Memory leak in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets, aka Bug ID CSCub59158. | 7.8 |
2013-08-25 | CVE-2013-3389 | Resource Management Errors vulnerability in Cisco Prime Central for Hosted Collaboration Solution Assurance | Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets to port (1) 61615 or (2) 61616, aka Bug ID CSCtz90114. | 7.8 |