Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-01 | CVE-2018-0406 | Cross-site Scripting vulnerability in Cisco web Security Appliance 10.1.2003/10.5.1269/11.5.0Fcs581 A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected or Document Object Model based (DOM-based) cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2018-08-01 | CVE-2018-0397 | Unspecified vulnerability in Cisco Advanced Malware Protection for Endpoints A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. | 5.9 |
| 2018-08-01 | CVE-2018-0391 | Unspecified vulnerability in Cisco products A vulnerability in the password change function of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to cause the system to become inoperable. | 6.5 |
| 2018-07-18 | CVE-2018-0401 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. | 6.1 |
| 2018-07-18 | CVE-2018-0400 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. | 6.1 |
| 2018-07-18 | CVE-2018-0396 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager IM and Presence Service 11.5/12.0 A vulnerability in the web framework of the Cisco Unified Communications Manager IM and Presence Service software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. | 6.1 |
| 2018-07-18 | CVE-2018-0393 | Unspecified vulnerability in Cisco products A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote attacker to make policy changes in the Policy Builder interface. | 6.5 |
| 2018-07-18 | CVE-2018-0392 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco products A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. | 5.5 |
| 2018-07-18 | CVE-2018-0390 | Cross-site Scripting vulnerability in Cisco Webex Meetings 2.0 A vulnerability in the web framework of Cisco Webex could allow an unauthenticated, remote attacker to conduct a Document Object Model-based (DOM-based) cross-site scripting (XSS) attack against the user of the web interface of an affected system. | 6.1 |
| 2018-07-18 | CVE-2018-0380 | Unspecified vulnerability in Cisco Webex Meetings Online Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. | 5.5 |