Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-07 | CVE-2017-6780 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco products A vulnerability in the TCP throttling process for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to cause the system to consume additional memory, eventually forcing the device to restart, aka Memory Exhaustion. | 7.5 |
| 2017-09-07 | CVE-2017-6631 | Unspecified vulnerability in Cisco products A vulnerability in the HTTP remote procedure call (RPC) service of set-top box (STB) receivers manufactured by Cisco for Yes could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2017-09-07 | CVE-2017-6627 | Improper Resource Shutdown or Release vulnerability in Cisco IOS and IOS XE A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and a denial of service (DoS) condition. | 7.5 |
| 2017-09-07 | CVE-2017-12216 | XXE vulnerability in Cisco Socialminer A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. | 8.8 |
| 2017-08-17 | CVE-2017-6771 | Information Exposure vulnerability in Cisco Ultra Services Framework 21.0.V0.65839 A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. | 7.5 |
| 2017-08-17 | CVE-2017-6768 | Untrusted Search Path vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges. | 7.8 |
| 2017-08-17 | CVE-2017-6767 | Improper Privilege Management vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to gain higher privileges than the account is assigned. | 7.1 |
| 2017-08-17 | CVE-2017-6710 | OS Command Injection vulnerability in Cisco Virtual Network Function Element Manager 5.0.3/5.1.3 A vulnerability in the Cisco Virtual Network Function (VNF) Element Manager could allow an authenticated, remote attacker to elevate privileges and run commands in the context of the root user on the server. | 8.1 |
| 2017-08-07 | CVE-2017-6766 | Unspecified vulnerability in Cisco Firesight System Software A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software 5.4.0, 5.4.1, 6.0.0, 6.1.0, 6.2.0, 6.2.1, and 6.2.2 could allow an unauthenticated, remote attacker to bypass the SSL policy for decrypting and inspecting traffic on an affected system. | 7.5 |
| 2017-08-07 | CVE-2017-6763 | Improper Input Validation vulnerability in Cisco Meeting Server 2.1.4 A vulnerability in the implementation of the H.264 protocol in Cisco Meeting Server (CMS) 2.1.4 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. | 7.5 |