Vulnerabilities > Cisco > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-09-20 | CVE-2015-6301 | Resource Management Errors vulnerability in Cisco products The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun72171. | 5.0 |
2015-09-20 | CVE-2015-6300 | Improper Input Validation vulnerability in Cisco Secure Access Control Server 5.7.0.15 Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) allows remote authenticated users to cause a denial of service (SSH screen process crash) via crafted (1) CLI or (2) GUI commands, aka Bug ID CSCuw24694. | 4.0 |
2015-09-20 | CVE-2015-6299 | SQL Injection vulnerability in Cisco Unity Connection 9.1(1)/9.1(2) SQL injection vulnerability in the web interface in Cisco Unity Connection 9.1(1.2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted POST request, aka Bug ID CSCuv63824. | 6.5 |
2015-09-20 | CVE-2015-6295 | Resource Management Errors vulnerability in Cisco Nx-Os 6.1(2)I3(4)/7.0(3)I1(1) Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560. | 4.8 |
2015-09-20 | CVE-2015-4305 | Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Collaboration Assurance The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended system-database read restrictions, and discover credentials or SNMP communities for arbitrary tenant domains, via a crafted URL, aka Bug ID CSCus62656. | 4.0 |
2015-09-18 | CVE-2015-6297 | Resource Management Errors vulnerability in Cisco IOS XR 5.2.0Base The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun36525. | 5.0 |
2015-09-18 | CVE-2015-6294 | Resource Management Errors vulnerability in Cisco IOS and IOS XE Cisco IOS 15.2(3)E and earlier and IOS XE 3.6(2)E and earlier allow remote attackers to cause a denial of service (functionality loss) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuu25770. | 6.1 |
2015-09-14 | CVE-2015-6290 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco web Security Virtual Appliance Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426. | 4.3 |
2015-09-14 | CVE-2015-6288 | Resource Management Errors vulnerability in Cisco Content Security Management Appliance 7.8Base Cisco Content Security Management Appliance (SMA) 7.8.0-000 does not properly validate credentials, which allows remote attackers to cause a denial of service (rapid log-file rollover and application fault) via crafted HTTP requests, aka Bug ID CSCuw09620. | 5.0 |
2015-09-14 | CVE-2015-6287 | Resource Management Errors vulnerability in Cisco web Security Virtual Appliance 8.0.5/8.0.6/8.0Base Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a flood of TCP traffic that leads to DNS resolution delays, aka Bug IDs CSCur32005 and CSCur07907. | 5.0 |