Vulnerabilities > Cisco > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-17 | CVE-2017-3879 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os 7.0(3)I3(0.170)/8.3(0)Cv(0.342)/8.3(0)Cv(0.345) A Denial of Service vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail. | 5.3 |
2017-03-17 | CVE-2017-3878 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os 7.0(3)I3(0.170) A Denial of Service vulnerability in the Telnet remote login functionality of Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt to fail. | 5.3 |
2017-03-17 | CVE-2017-3877 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager 11.5(1.11.007.2) A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web interface of the affected software. | 6.5 |
2017-03-17 | CVE-2017-3875 | Improper Input Validation vulnerability in Cisco Nx-Os An Access-Control Filtering Mechanisms Bypass vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to bypass defined traffic configured within an access control list (ACL) on the affected system. | 5.3 |
2017-03-17 | CVE-2017-3874 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager 11.5(1.11007.2) A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack. | 5.4 |
2017-03-17 | CVE-2017-3872 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of an affected device. | 6.1 |
2017-03-17 | CVE-2017-3871 | Information Exposure vulnerability in Cisco Prime Optical 10.6(0.1) A RADIUS Secret Disclosure vulnerability in the web network management interface of Cisco Prime Optical for Service Providers could allow an authenticated, remote attacker to disclose sensitive information in the configuration generated for a device. | 4.3 |
2017-03-17 | CVE-2017-3870 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco web Security Appliance 8.5.3069/9.1.1074/9.1.2010 A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. | 5.8 |
2017-03-17 | CVE-2017-3869 | Unspecified vulnerability in Cisco Prime Infrastructure 3.1(1) An API Credentials Management vulnerability in the APIs for Cisco Prime Infrastructure could allow an authenticated, remote attacker to access an API that should be restricted to a privileged user. | 5.4 |
2017-03-17 | CVE-2017-3868 | Cross-site Scripting vulnerability in Cisco Unified Computing System Director 6.0(0.0) A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |