Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-02 | CVE-2018-0287 | Improper Input Validation vulnerability in Cisco Webex Meetings Online T30/T32.7 A vulnerability in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. | 8.8 |
| 2018-05-02 | CVE-2018-0262 | Unspecified vulnerability in Cisco Meeting Server A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain unauthorized access to components of, or sensitive information in, an affected system, leading to Remote Code Execution. | 8.1 |
| 2018-05-02 | CVE-2018-0252 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-05-02 | CVE-2018-0235 | Unspecified vulnerability in Cisco Wireless LAN Controller Software 8.6(1.106)/8.6(1.114) A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. low complexity cisco | 7.4 |
| 2018-05-02 | CVE-2018-0234 | Improper Input Validation vulnerability in Cisco Aironet Access Point Software 8.4(100.0)/8.5(103.0)/8.5(105.0) A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) functionality in Cisco Aironet 1810, 1830, and 1850 Series Access Points could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-05-02 | CVE-2018-0226 | Unspecified vulnerability in Cisco Mobility Express Software 8.3(90.65)/8.4(1.65) A vulnerability in the assignment and management of default user accounts for Secure Shell (SSH) access to Cisco Aironet 1800, 2800, and 3800 Series Access Points that are running Cisco Mobility Express Software could allow an authenticated, remote attacker to gain elevated privileges on an affected access point. | 7.5 |
| 2018-04-19 | CVE-2018-0259 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Mate Collector 7.1 A vulnerability in the web-based management interface of Cisco MATE Collector could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-04-19 | CVE-2018-0255 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS 15.2(5)E A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system. | 8.8 |
| 2018-04-19 | CVE-2018-0241 | Unspecified vulnerability in Cisco IOS XR A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. low complexity cisco | 7.4 |
| 2018-04-19 | CVE-2018-0240 | Unspecified vulnerability in Cisco products Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 8.6 |