Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-09-12 | CVE-2012-4629 | Resource Management Errors vulnerability in Cisco products The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to cause a denial of service (disk consumption and application hang) via unspecified IPv4 packets that trigger log entries, aka Bug ID CSCub70603. | 7.8 |
| 2012-09-12 | CVE-2012-3935 | Buffer Errors vulnerability in Cisco products Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832. | 7.8 |
| 2012-08-06 | CVE-2012-1361 | Information Exposure vulnerability in Cisco IOS 15.1/15.2 Cisco IOS 15.1 and 15.2, when the Multicast Music-on-Hold (MMoH) feature of Cisco Unified Communications Manager (CUCM) is enabled, allows remote attackers to obtain sensitive crosstalk information by listening during a PSTN call, aka Bug ID CSCtx77750. | 4.3 |
| 2012-08-06 | CVE-2012-1357 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Nexus 5000 and Nx-Os The igmp_snoop_orib_fill_source_update function in the IGMP process in NX-OS 5.0 and 5.1 on Cisco Nexus 5000 series switches allows remote attackers to cause a denial of service (device reload) via IGMP packets, aka Bug ID CSCts46521. | 5.0 |
| 2012-08-06 | CVE-2012-1350 | Unspecified vulnerability in Cisco products Cisco IOS 12.3 and 12.4 on Aironet access points allows remote attackers to cause a denial of service (radio-interface input-queue hang) via IAPP 0x3281 packets, aka Bug ID CSCtc12426. | 7.8 |
| 2012-08-06 | CVE-2012-1348 | Information Exposure vulnerability in Cisco Wide Area Application Services 4.4/5.0/5.1 Cisco Wide Area Application Services (WAAS) appliances with software 4.4, 5.0, and 5.1 include a one-way hash of a password within output text, which might allow remote attackers to obtain sensitive information via a brute-force attack on the hash string, aka Bug ID CSCty17279. | 5.0 |
| 2012-08-06 | CVE-2012-1346 | Resource Management Errors vulnerability in Cisco Emergency Responder 8.6/9.2 Cisco Emergency Responder 8.6 and 9.2 allows remote attackers to cause a denial of service (CPU consumption) by sending malformed UDP packets to the CERPT port, aka Bug ID CSCtx38369. | 5.0 |
| 2012-08-06 | CVE-2012-1344 | Buffer Errors vulnerability in Cisco IOS 15.1/15.2 Cisco IOS 15.1 and 15.2, when a clientless SSL VPN is configured, allows remote authenticated users to cause a denial of service (device reload) by using a web browser to refresh the SSL VPN portal page, as demonstrated by the Android browser, aka Bug ID CSCtr86328. | 3.5 |
| 2012-08-06 | CVE-2012-2500 | Cryptographic Issues vulnerability in Cisco Anyconnect Secure Mobility Client 3.0/3.0.0629/3.0.07059 Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not verify the certificate name in an X.509 certificate during WebLaunch of IPsec, which allows man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz29470. | 4.0 |
| 2012-08-06 | CVE-2012-2499 | Cryptographic Issues vulnerability in Cisco Anyconnect Secure Mobility Client 3.0/3.0.0629/3.0.07059 The IPsec implementation in Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not verify the certificate name in an X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz26985. | 5.8 |