Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-18 | CVE-2018-0097 | Open Redirect vulnerability in Cisco Prime Infrastructure A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect. | 5.8 |
| 2018-01-18 | CVE-2018-0096 | Incorrect Authorization vulnerability in Cisco Prime Infrastructure 3.2(0.0)/3.3(0.0) A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one virtual domain user can view and modify another virtual domain configuration. | 4.9 |
| 2018-01-18 | CVE-2018-0094 | Resource Exhaustion vulnerability in Cisco Unified Computing System Central Software 1.4(1A) A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high CPU utilization on the targeted device. | 5.0 |
| 2018-01-18 | CVE-2018-0093 | Cross-site Scripting vulnerability in Cisco web Security Appliance A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2018-01-18 | CVE-2018-0091 | Cross-site Scripting vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a Document Object Model (DOM) cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2018-01-18 | CVE-2018-0090 | Resource Exhaustion vulnerability in Cisco Nx-Os 7.3(2)N1(0.6)/8.3(0)Kms(0.31)/8.8(3.5)S0 A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to bypass configured ACLs on the management interface. | 5.0 |
| 2018-01-18 | CVE-2018-0089 | Cleartext Storage of Sensitive Information vulnerability in Cisco Policy Suite 10.0.0/11.0.0/11.1.0 A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access sensitive data. | 5.0 |
| 2018-01-18 | CVE-2018-0086 | Resource Exhaustion vulnerability in Cisco Unified Customer Voice Portal A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. | 5.0 |
| 2018-01-18 | CVE-2017-12308 | Unspecified vulnerability in Cisco products A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack against a user of the web interface of an affected system. network cisco | 5.8 |
| 2018-01-18 | CVE-2017-12307 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 4.3 |