Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-17 | CVE-2018-0456 | Improper Input Validation vulnerability in Cisco Nx-Os 9.2(0.43) A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application of an affected device to restart unexpectedly. | 6.8 |
| 2018-10-17 | CVE-2018-0416 | Improper Input Validation vulnerability in Cisco Wireless LAN Controller Software 8.5(130.0)/8.9(1.52) A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. | 5.0 |
| 2018-10-17 | CVE-2018-0395 | Improper Input Validation vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads. | 5.3 |
| 2018-10-17 | CVE-2018-0388 | Cross-site Scripting vulnerability in Cisco Wireless LAN Controller Software 8.3(133.0)/8.3(135.0)/8.5(120.0) A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web-based interface of an affected system. | 4.8 |
| 2018-10-05 | CVE-2018-0405 | Path Traversal vulnerability in Cisco Rv180W Firmware and Rv220W Firmware A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal attack on a targeted device. | 5.0 |
| 2018-10-05 | CVE-2018-0464 | Path Traversal vulnerability in Cisco Prime Data Center Network Manager A vulnerability in Cisco Data Center Network Manager software could allow an authenticated, remote attacker to conduct directory traversal attacks and gain access to sensitive files on the targeted system. | 5.5 |
| 2018-10-05 | CVE-2018-0404 | SQL Injection vulnerability in Cisco products A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. | 5.0 |
| 2018-10-05 | CVE-2018-15436 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Webex Events Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. | 4.3 |
| 2018-10-05 | CVE-2018-15434 | Cross-site Scripting vulnerability in Cisco Skinny Client Control Protocol Software 9.4(2) A vulnerability in the web-based management interface of Cisco Unified IP Phone 7900 Series could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2018-10-05 | CVE-2018-15433 | Information Exposure vulnerability in Cisco Prime Infrastructure 3.2 A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information. | 4.0 |