Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-22 | CVE-2017-6634 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Industrial Ethernet 1000 Series Firmware 1.3Base A vulnerability in the Device Manager web interface of Cisco Industrial Ethernet 1000 Series Switches 1.3 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system. | 8.8 |
| 2017-05-22 | CVE-2017-6633 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Unified Computing System 3.0(0.234) A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers 3.0(0.234) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2017-05-22 | CVE-2017-6632 | Resource Exhaustion vulnerability in Cisco Firepower Threat Defense A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. | 7.5 |
| 2017-05-18 | CVE-2017-6652 | Improper Input Validation vulnerability in Cisco Telepresence Ix5000 8.2.0Base A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device. | 7.5 |
| 2017-05-18 | CVE-2017-6623 | Improper Privilege Management vulnerability in Cisco Policy Suite 10.0.0/10.1.0/11.0.0 A vulnerability in a script file that is installed as part of the Cisco Policy Suite (CPS) Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to root. | 7.8 |
| 2017-05-18 | CVE-2017-6621 | Information Exposure vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. | 7.5 |
| 2017-05-16 | CVE-2017-6658 | Out-of-bounds Read vulnerability in Cisco Sourcefire Snort 3.0 Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. | 7.5 |
| 2017-05-16 | CVE-2017-6657 | Unspecified vulnerability in Cisco Snort++ Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. | 7.5 |
| 2017-05-16 | CVE-2017-6651 | Information Exposure vulnerability in Cisco Webex Meetings Server A vulnerability in Cisco WebEx Meetings Server could allow unauthenticated, remote attackers to gain information that could allow them to access scheduled customer meetings. | 7.5 |
| 2017-05-16 | CVE-2017-3876 | Unspecified vulnerability in Cisco IOS XR 6.1.0/6.1.1 A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. | 7.5 |