Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-28 | CVE-2016-1460 | Resource Management Errors vulnerability in Cisco Wireless LAN Controller Software 7.4.121.0/8.0.0.30220.385 Cisco Wireless LAN Controller (WLC) devices 7.4(121.0) and 8.0(0.30220.385) allow remote attackers to cause a denial of service via crafted wireless management frames, aka Bug ID CSCun92979. | 6.1 |
| 2016-07-17 | CVE-2016-1459 | Resource Management Errors vulnerability in Cisco IOS and IOS XE Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 allow remote authenticated users to cause a denial of service (device reload) via crafted attributes in a BGP message, aka Bug ID CSCuz21061. | 4.9 |
| 2016-07-17 | CVE-2016-1448 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Webex Meetings Server 2.7.1/2.7Base Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.7 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuy92706. | 6.8 |
| 2016-07-15 | CVE-2016-1452 | Information Exposure vulnerability in Cisco ASR 5000 and ASR 5000 Software Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuration changes over SNMP by leveraging knowledge of the read-write community, aka Bug ID CSCuz29526. | 6.4 |
| 2016-07-15 | CVE-2016-1451 | Cross-site Scripting vulnerability in Cisco Meeting Server 1.7Base/1.8Base/1.9Base Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922. | 4.3 |
| 2016-07-15 | CVE-2016-1450 | Improper Input Validation vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39 Cisco WebEx Meetings Server 2.6 allows remote authenticated users to conduct command-injection attacks via vectors related to an upload's file type, aka Bug ID CSCuy92715. | 6.0 |
| 2016-07-15 | CVE-2016-1449 | Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39 Cross-site scripting (XSS) vulnerability in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy92711. | 4.3 |
| 2016-07-15 | CVE-2016-1447 | Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39 Cross-site scripting (XSS) vulnerability in the administrator interface in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuy83194. | 4.3 |
| 2016-07-15 | CVE-2016-1446 | SQL Injection vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39 SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuy83200. | 6.5 |
| 2016-07-12 | CVE-2016-1445 | Unspecified vulnerability in Cisco Adaptive Security Appliance Software Cisco Adaptive Security Appliance (ASA) Software 8.2 through 9.4.3.3 allows remote attackers to bypass intended ICMP Echo Reply ACLs via vectors related to subtypes. | 5.3 |