Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-22 | CVE-2017-6642 | Information Exposure vulnerability in Cisco Remote Expert Manager 11.0.0 A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive information on an affected system. | 5.0 |
| 2017-05-22 | CVE-2017-6637 | Improper Input Validation vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to delete any file from an affected system. | 4.0 |
| 2017-05-22 | CVE-2017-6636 | Path Traversal vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to view any file on an affected system. | 4.0 |
| 2017-05-22 | CVE-2017-6635 | Missing Authorization vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 12.1) could allow an authenticated, remote attacker to delete any file from an affected system. | 6.8 |
| 2017-05-22 | CVE-2017-6634 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Industrial Ethernet 1000 Series Firmware 1.3Base A vulnerability in the Device Manager web interface of Cisco Industrial Ethernet 1000 Series Switches 1.3 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system. | 6.8 |
| 2017-05-22 | CVE-2017-6633 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Unified Computing System 3.0(0.234) A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers 3.0(0.234) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 5.0 |
| 2017-05-18 | CVE-2017-6652 | Improper Input Validation vulnerability in Cisco Telepresence Ix5000 8.2.0Base A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device. | 5.0 |
| 2017-05-18 | CVE-2017-6621 | Information Exposure vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. | 5.0 |
| 2017-05-16 | CVE-2017-6658 | Out-of-bounds Read vulnerability in Cisco Sourcefire Snort 3.0 Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. | 5.0 |
| 2017-05-16 | CVE-2017-6657 | Unspecified vulnerability in Cisco Snort++ Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. | 5.0 |