Vulnerabilities > Cisco > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-03-17 CVE-2017-3879 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os 7.0(3)I3(0.170)/8.3(0)Cv(0.342)/8.3(0)Cv(0.345)
A Denial of Service vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail.
network
low complexity
cisco CWE-119
5.3
2017-03-17 CVE-2017-3878 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os 7.0(3)I3(0.170)
A Denial of Service vulnerability in the Telnet remote login functionality of Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt to fail.
network
low complexity
cisco CWE-119
5.3
2017-03-17 CVE-2017-3877 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager 11.5(1.11.007.2)
A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web interface of the affected software.
network
low complexity
cisco CWE-352
6.5
2017-03-17 CVE-2017-3875 Improper Input Validation vulnerability in Cisco Nx-Os
An Access-Control Filtering Mechanisms Bypass vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to bypass defined traffic configured within an access control list (ACL) on the affected system.
network
low complexity
cisco CWE-20
5.3
2017-03-17 CVE-2017-3874 Cross-site Scripting vulnerability in Cisco Unified Communications Manager 11.5(1.11007.2)
A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack.
network
low complexity
cisco CWE-79
5.4
2017-03-17 CVE-2017-3872 Cross-site Scripting vulnerability in Cisco Unified Communications Manager
A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of an affected device.
network
low complexity
cisco CWE-79
6.1
2017-03-17 CVE-2017-3871 Information Exposure vulnerability in Cisco Prime Optical 10.6(0.1)
A RADIUS Secret Disclosure vulnerability in the web network management interface of Cisco Prime Optical for Service Providers could allow an authenticated, remote attacker to disclose sensitive information in the configuration generated for a device.
network
low complexity
cisco CWE-200
4.3
2017-03-17 CVE-2017-3870 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco web Security Appliance 8.5.3069/9.1.1074/9.1.2010
A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule.
network
low complexity
cisco CWE-119
5.8
2017-03-17 CVE-2017-3869 Unspecified vulnerability in Cisco Prime Infrastructure 3.1(1)
An API Credentials Management vulnerability in the APIs for Cisco Prime Infrastructure could allow an authenticated, remote attacker to access an API that should be restricted to a privileged user.
network
low complexity
cisco
5.4
2017-03-17 CVE-2017-3868 Cross-site Scripting vulnerability in Cisco Unified Computing System Director 6.0(0.0)
A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.
network
low complexity
cisco CWE-79
6.1