Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-07 | CVE-2018-0263 | Insecure Default Initialization of Resource vulnerability in Cisco Meeting Server A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker to access services running on internal device interfaces of an affected system. | 7.4 |
| 2018-06-07 | CVE-2017-6779 | Resource Exhaustion vulnerability in Cisco products Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. | 7.5 |
| 2018-05-17 | CVE-2018-0325 | Improper Input Validation vulnerability in Cisco IP Phone 7800 Firmware and IP Phone 8800 Firmware A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. | 7.5 |
| 2018-05-17 | CVE-2018-0280 | Improper Input Validation vulnerability in Cisco Meeting Server A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2018-05-17 | CVE-2018-0279 | OS Command Injection vulnerability in Cisco Enterprise NFV Infrastructure Software A vulnerability in the Secure Copy Protocol (SCP) server of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device. | 8.8 |
| 2018-05-17 | CVE-2018-0277 | Improper Certificate Validation vulnerability in Cisco Identity Services Engine A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the ISE application server to restart unexpectedly, causing a denial of service (DoS) condition on an affected system. | 8.6 |
| 2018-05-17 | CVE-2018-0270 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOT Field Network Director 4.2(0.4) A vulnerability in the web-based management interface of Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and alter the data of existing users and groups on an affected device. | 8.8 |
| 2018-05-02 | CVE-2018-0287 | Improper Input Validation vulnerability in Cisco Webex Meetings Online T30/T32.7 A vulnerability in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. | 8.8 |
| 2018-05-02 | CVE-2018-0262 | Unspecified vulnerability in Cisco Meeting Server A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain unauthorized access to components of, or sensitive information in, an affected system, leading to Remote Code Execution. | 8.1 |
| 2018-05-02 | CVE-2018-0252 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 8.6 |