Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-08 | CVE-2018-15450 | Path Traversal vulnerability in Cisco Prime Collaboration 12.1 A vulnerability in the web-based UI of Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to overwrite files on the file system. | 6.5 |
| 2018-11-08 | CVE-2018-15449 | Improper Input Validation vulnerability in Cisco Video Surveillance Media Server A vulnerability in the web-based management interface of Cisco Video Surveillance Media Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the web-based management interface of an affected system. | 6.5 |
| 2018-11-08 | CVE-2018-15437 | Resource Exhaustion vulnerability in Cisco products A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. | 5.5 |
| 2018-11-08 | CVE-2018-15393 | Cross-site Scripting vulnerability in Cisco Content Security Management Appliance A vulnerability in the web-based management interface of Cisco Content Security Management Appliance (SMA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 6.1 |
| 2018-11-08 | CVE-2018-0284 | Unspecified vulnerability in Cisco products A vulnerability in the local status page functionality of the Cisco Meraki MR, MS, MX, Z1, and Z3 product lines could allow an authenticated, remote attacker to modify device configuration files. | 6.5 |
| 2018-10-17 | CVE-2018-15438 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 12.1 A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. | 6.5 |
| 2018-10-17 | CVE-2018-0420 | Path Traversal vulnerability in Cisco Wireless LAN Controller Software 8.2(151.0) A vulnerability in the web-based interface of Cisco Wireless LAN Controller Software could allow an authenticated, remote attacker to view sensitive information. | 6.5 |
| 2018-10-17 | CVE-2018-0381 | Improper Locking vulnerability in Cisco Aironet Access Points A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 6.8 |
| 2018-10-17 | CVE-2018-15435 | Cross-site Scripting vulnerability in Cisco Socialminer 11.6(1) A vulnerability in the web-based management interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface. | 6.1 |
| 2018-10-17 | CVE-2018-15395 | Unspecified vulnerability in Cisco Wireless LAN Controller Software 8.5(120.0) A vulnerability in the authentication and authorization checking mechanisms of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, adjacent attacker to gain network access to a Cisco TrustSec domain. low complexity cisco | 5.4 |