Vulnerabilities > Cisco > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-07 | CVE-2017-3885 | Resource Exhaustion vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process consumes a high level of CPU resources. | 5.9 |
2017-04-07 | CVE-2017-3884 | Information Exposure vulnerability in Cisco products A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to access sensitive data. | 6.5 |
2017-04-07 | CVE-2017-3848 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 2.2(2)/3.0 A vulnerability in the HTTP web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected system. | 6.1 |
2017-04-07 | CVE-2017-3817 | Incorrect Authorization vulnerability in Cisco Unified Computing System Director 5.5.0.1/6.0.0.0 A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in a UCS domain. | 4.3 |
2017-04-07 | CVE-2016-9197 | Permissions, Privileges, and Access Controls vulnerability in Cisco Mobility Services Engine 8.3.102.0 A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. | 6.7 |
2017-04-07 | CVE-2016-9196 | Permissions, Privileges, and Access Controls vulnerability in Cisco Aironet Access Point A vulnerability in login authentication management in Cisco Aironet 1800, 2800, and 3800 Series Access Point platforms could allow an authenticated, local attacker to gain unrestricted root access to the underlying Linux operating system. | 6.7 |
2017-04-07 | CVE-2016-9195 | Resource Management Errors vulnerability in Cisco Wireless LAN Controller 8.3.102.0 A vulnerability in RADIUS Change of Authorization (CoA) request processing in the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition by disconnecting a single connection. | 5.3 |
2017-04-06 | CVE-2016-9194 | Resource Management Errors vulnerability in Cisco products A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action frame processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.5 |
2017-03-21 | CVE-2017-3850 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 5.9 |
2017-03-17 | CVE-2017-3880 | Improper Authentication vulnerability in Cisco Webex Meetings Server An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. | 6.5 |