Vulnerabilities > Cisco
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-06-21 | CVE-2013-3379 | Permissions, Privileges, and Access Controls vulnerability in Cisco Telepresence TC Software The firewall subsystem in Cisco TelePresence TC Software before 4.2 does not properly implement rules that grant access to hosts, which allows remote attackers to obtain shell access with root privileges by leveraging connectivity to the management network, aka Bug ID CSCts37781. | 8.3 |
2013-06-21 | CVE-2013-3378 | Improper Input Validation vulnerability in Cisco Telepresence TC Software and Telepresence TE Software Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (temporary device hang) via crafted SIP packets, aka Bug ID CSCuf89557. | 7.8 |
2013-06-21 | CVE-2013-3377 | Resource Management Errors vulnerability in Cisco products Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCue01743. | 7.8 |
2013-06-18 | CVE-2013-1203 | Improper Input Validation vulnerability in Cisco ASA CX Context-Aware Security Software Cisco ASA CX Context-Aware Security Software allows remote attackers to cause a denial of service (device reload) via crafted TCP packets that appear to have been forwarded by a Cisco Adaptive Security Appliances (ASA) device, aka Bug ID CSCue88386. | 5.4 |
2013-06-14 | CVE-2013-3376 | Improper Input Validation vulnerability in Cisco Video Surveillance Operations Manager Open redirect vulnerability in the help page in Cisco Video Surveillance Operations Manager allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID CSCty74490. | 4.3 |
2013-06-14 | CVE-2013-3375 | Cross-Site Scripting vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution Cross-site scripting (XSS) vulnerability in the portal page in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCue23798. | 4.3 |
2013-06-12 | CVE-2013-3381 | Resource Management Errors vulnerability in Cisco Hosted Collaboration Solution Cisco Hosted Collaboration Mediation allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed UDP packets on port 162, aka Bug ID CSCug85756. | 5.0 |
2013-06-12 | CVE-2013-3380 | Information Exposure vulnerability in Cisco Secure Access Control Server Solution Engine The administrative web interface in the Access Control Server in Cisco Secure Access Control System (ACS) does not properly restrict the report view page, which allows remote authenticated users to obtain sensitive information via a direct request, aka Bug ID CSCue79279. | 4.0 |
2013-06-06 | CVE-2013-1205 | Improper Authentication vulnerability in Cisco Webex Meetings Server The Event Center module in Cisco WebEx Meetings Server does not perform request authentication in all intended circumstances, which allows remote attackers to discover host keys and event passwords via crafted URLs, aka Bug ID CSCue62485. | 4.3 |
2013-05-31 | CVE-2013-1247 | Cross-Site Scripting vulnerability in Cisco Prime Infrastructure Cross-site scripting (XSS) vulnerability in the wireless configuration module in Cisco Prime Infrastructure allows remote attackers to inject arbitrary web script or HTML via an SSID that is not properly handled during display of the XML windowing table, aka Bug ID CSCuf04356. | 4.3 |