Vulnerabilities > Cisco > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-10-28 | CVE-2016-1481 | Improper Input Validation vulnerability in Cisco Email Security Appliance A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter that contains certain rules. | 7.5 |
2016-10-28 | CVE-2016-1480 | 7PK - Errors vulnerability in Cisco Email Security Appliance A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. | 7.5 |
2016-10-27 | CVE-2016-6446 | Information Exposure vulnerability in Cisco Meeting Server A vulnerability in Web Bridge for Cisco Meeting Server could allow an unauthenticated, remote attacker to retrieve memory from a connected server. | 7.5 |
2016-10-27 | CVE-2016-6444 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Meeting Server A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a Web Bridge user. | 8.8 |
2016-10-27 | CVE-2016-6443 | SQL Injection vulnerability in Cisco products A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. | 8.8 |
2016-10-27 | CVE-2016-6442 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Finesse 11.0(1)Base A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. | 8.8 |
2016-10-27 | CVE-2016-6439 | Resource Management Errors vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. | 7.5 |
2016-10-27 | CVE-2016-6432 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Identity Firewall feature of Cisco ASA Software before 9.6(2.1) could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. | 8.1 |
2016-10-27 | CVE-2016-6431 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the local Certificate Authority (CA) feature of Cisco ASA Software before 9.6(1.5) could allow an unauthenticated, remote attacker to cause a reload of the affected system. | 7.5 |
2016-10-06 | CVE-2016-6434 | Improper Authentication vulnerability in Cisco Secure Firewall Management Center 6.0.1 Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370. | 7.8 |