Vulnerabilities > Cisco > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-18 | CVE-2017-6622 | Missing Authorization vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges. | 9.8 |
| 2017-05-16 | CVE-2017-3882 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. | 9.6 |
| 2017-04-06 | CVE-2017-3834 | Insecure Default Initialization of Resource vulnerability in Cisco Aironet Access Point Firmware A vulnerability in Cisco Aironet 1830 Series and Cisco Aironet 1850 Series Access Points running Cisco Mobility Express Software could allow an unauthenticated, remote attacker to take complete control of an affected device. | 9.8 |
| 2017-03-22 | CVE-2017-3853 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOX 1.1.0/1.1(0) A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an affected device. | 9.8 |
| 2017-03-17 | CVE-2017-3881 | Improper Input Validation vulnerability in Cisco IOS A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. | 9.8 |
| 2017-03-15 | CVE-2017-3831 | Improper Authentication vulnerability in Cisco Aironet Access Point Software A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. | 9.8 |
| 2017-02-01 | CVE-2017-3792 | Improper Input Validation vulnerability in Cisco Telepresence MCU Software A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. | 9.8 |
| 2017-02-01 | CVE-2017-3791 | Improper Authentication vulnerability in Cisco Prime Home A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges. | 10.0 |
| 2016-12-26 | CVE-2016-9223 | Permissions, Privileges, and Access Controls vulnerability in Cisco Cloudcenter Orchestrator A vulnerability in the Docker Engine configuration of Cisco CloudCenter Orchestrator (CCO; formerly CliQr) could allow an unauthenticated, remote attacker to install Docker containers with high privileges on the affected system. | 9.8 |
| 2016-11-03 | CVE-2016-6452 | Improper Authentication vulnerability in Cisco Prime Home 5.0Base/5.1Base/5.2.0 A vulnerability in the web-based graphical user interface (GUI) of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication. | 9.8 |