Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-19 | CVE-2017-3883 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Extensible Operating System A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 8.6 |
| 2017-10-19 | CVE-2017-12293 | Resource Exhaustion vulnerability in Cisco Webex Meetings Server 2.7 A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 8.6 |
| 2017-10-19 | CVE-2017-12271 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Spa300 Firmware and Spa500 Firmware A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. | 8.8 |
| 2017-10-19 | CVE-2017-12260 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. | 7.5 |
| 2017-10-19 | CVE-2017-12259 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Small Business IP Phone Firmware 7.6.2 A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. | 7.5 |
| 2017-10-05 | CVE-2017-12270 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS XR A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the emsd service stops. | 7.5 |
| 2017-10-05 | CVE-2017-12263 | Path Traversal vulnerability in Cisco License Manager 3.2.6 A vulnerability in the web interface of Cisco License Manager software could allow an unauthenticated, remote attacker to download and view files within the application that should be restricted, aka Directory Traversal. | 7.5 |
| 2017-10-05 | CVE-2017-12246 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software 9.4(3)/9.7(1)/9.8(0.56) A vulnerability in the implementation of the direct authentication feature in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. | 8.6 |
| 2017-10-05 | CVE-2017-12245 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco Secure Firewall Management Center A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. | 8.6 |
| 2017-10-05 | CVE-2017-12244 | Improper Input Validation vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort process restarts unexpectedly. | 8.6 |