Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-02 | CVE-2018-0262 | Unspecified vulnerability in Cisco Meeting Server A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain unauthorized access to components of, or sensitive information in, an affected system, leading to Remote Code Execution. network cisco | 6.8 |
| 2018-05-02 | CVE-2018-0245 | Improper Privilege Management vulnerability in Cisco Wireless LAN Controller Software 8.3(133.0)/8.5(105.0) A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. | 5.0 |
| 2018-05-02 | CVE-2018-0235 | Unspecified vulnerability in Cisco Wireless LAN Controller Software 8.6(1.106)/8.6(1.114) A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. low complexity cisco | 6.1 |
| 2018-05-02 | CVE-2018-0226 | Unspecified vulnerability in Cisco Mobility Express Software 8.3(90.65)/8.4(1.65) A vulnerability in the assignment and management of default user accounts for Secure Shell (SSH) access to Cisco Aironet 1800, 2800, and 3800 Series Access Points that are running Cisco Mobility Express Software could allow an authenticated, remote attacker to gain elevated privileges on an affected access point. network cisco | 6.0 |
| 2018-04-19 | CVE-2018-0276 | Cross-site Scripting vulnerability in Cisco Webex Connect IM A vulnerability in Cisco WebEx Connect IM could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. | 4.3 |
| 2018-04-19 | CVE-2018-0273 | Unspecified vulnerability in Cisco Staros A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Routers and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from being established, resulting in a denial of service (DoS) condition. | 5.0 |
| 2018-04-19 | CVE-2018-0272 | Improper Handling of Exceptional Conditions vulnerability in Cisco Firepower 6.2.1/6.2.2.1 A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 4.3 |
| 2018-04-19 | CVE-2018-0269 | Incorrect Authorization vulnerability in Cisco Digital Network Architecture Center 1.1 A vulnerability in the web framework of the Cisco Digital Network Architecture Center (DNA Center) could allow an unauthenticated, remote attacker to communicate with the Kong API server without restriction. | 4.3 |
| 2018-04-19 | CVE-2018-0266 | Forced Browsing vulnerability in Cisco Unified Communications Manager A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. | 4.0 |
| 2018-04-19 | CVE-2018-0260 | Improper Input Validation vulnerability in Cisco Mate Live 1.3 A vulnerability in the web interface of Cisco MATE Live could allow an unauthenticated, remote attacker to view and download the contents of certain web application virtual directories. | 5.0 |