Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-05 | CVE-2018-0405 | Path Traversal vulnerability in Cisco Rv180W Firmware and Rv220W Firmware A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal attack on a targeted device. | 5.0 |
| 2018-10-05 | CVE-2018-0464 | Path Traversal vulnerability in Cisco Prime Data Center Network Manager A vulnerability in Cisco Data Center Network Manager software could allow an authenticated, remote attacker to conduct directory traversal attacks and gain access to sensitive files on the targeted system. | 5.5 |
| 2018-10-05 | CVE-2018-0404 | SQL Injection vulnerability in Cisco products A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. | 5.0 |
| 2018-10-05 | CVE-2018-15436 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Webex Events Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. | 4.3 |
| 2018-10-05 | CVE-2018-15434 | Cross-site Scripting vulnerability in Cisco Skinny Client Control Protocol Software 9.4(2) A vulnerability in the web-based management interface of Cisco Unified IP Phone 7900 Series could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2018-10-05 | CVE-2018-15433 | Information Exposure vulnerability in Cisco Prime Infrastructure 3.2 A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information. | 4.0 |
| 2018-10-05 | CVE-2018-15432 | Information Exposure vulnerability in Cisco Prime Infrastructure 3.2 A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information. | 4.0 |
| 2018-10-05 | CVE-2018-15431 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. | 6.9 |
| 2018-10-05 | CVE-2018-15430 | Improper Input Validation vulnerability in Cisco Telepresence Video Communication Server X7.2.4/X8.10.4/X8.9.2 A vulnerability in the administrative web interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute code with user-level privileges on the underlying operating system. | 6.5 |
| 2018-10-05 | CVE-2018-15429 | Missing Authorization vulnerability in Cisco Hyperflex HX Data Platform 2.6(1D)/3.0(1A) A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. | 5.0 |