Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-07 | CVE-2018-0338 | Incorrect Authorization vulnerability in Cisco Unified Computing System A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System (UCS) Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. | 7.8 |
| 2018-06-07 | CVE-2018-0336 | Missing Authorization vulnerability in Cisco Prime Collaboration 12.1 A vulnerability in the batch provisioning feature of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to escalate privileges to the Administrator level. | 8.8 |
| 2018-06-07 | CVE-2018-0335 | Insufficiently Protected Credentials vulnerability in Cisco Prime Collaboration 12.2 A vulnerability in the web portal authentication process of Cisco Prime Collaboration Provisioning could allow an unauthenticated, local attacker to view sensitive data. | 7.8 |
| 2018-06-07 | CVE-2018-0332 | Unspecified vulnerability in Cisco IP Phone Firmware and Unified IP Phone Firmware A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2018-06-07 | CVE-2018-0353 | Unspecified vulnerability in Cisco web Security Appliance A vulnerability in traffic-monitoring functions in Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to circumvent Layer 4 Traffic Monitor (L4TM) functionality and bypass security protections. | 7.5 |
| 2018-06-07 | CVE-2018-0322 | Missing Authorization vulnerability in Cisco products A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to modify sensitive data that is associated with arbitrary accounts on an affected device. | 8.8 |
| 2018-06-07 | CVE-2018-0317 | Missing Authorization vulnerability in Cisco products A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges. | 8.8 |
| 2018-06-07 | CVE-2018-0316 | Improper Handling of Exceptional Conditions vulnerability in Cisco IP Phone Firmware 11.1(2) A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. | 7.5 |
| 2018-06-07 | CVE-2018-0296 | Path Traversal vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 7.5 |
| 2018-06-07 | CVE-2018-0274 | OS Command Injection vulnerability in Cisco Network Services Orchestrator A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. | 8.8 |