Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-06-23 | CVE-2015-4207 | Information Exposure vulnerability in Cisco Webex Meeting Center Cisco WebEx Meeting Center places a meeting's access number in a URL, which allows remote attackers to obtain sensitive information and bypass intended attendance restrictions by visiting a meeting-registration page, aka Bug ID CSCus62147. | 5.0 |
| 2015-06-23 | CVE-2015-4205 | Resource Management Errors vulnerability in Cisco IOS XR 5.3.1 Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (NPU chip reset or line-card reload) by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959. | 5.7 |
| 2015-06-23 | CVE-2015-4203 | Race Condition vulnerability in Cisco IOS 12.2(33)Sch/12.2Sch Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine (PRE) module on uBR10000 devices, when NetFlow and an MPLS IPv6 VPN are configured, allows remote attackers to cause a denial of service (PXF process crash) by sending malformed MPLS 6VPE packets quickly, aka Bug ID CSCud83396. | 5.4 |
| 2015-06-23 | CVE-2015-4189 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Data Center Analytics Framework 1.4.0 Cross-site request forgery (CSRF) vulnerability in Cisco Data Center Analytics Framework (DCAF) 1.4 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun26807. | 6.8 |
| 2015-06-23 | CVE-2015-4204 | Resource Management Errors vulnerability in Cisco IOS 12.2/12.2(33) Memory leak in Cisco IOS 12.2 in the Performance Routing Engine (PRE) module on uBR10000 devices allows remote authenticated users to cause a denial of service (memory consumption or PXF process crash) by sending docsIfMCmtsMib SNMP requests quickly, aka Bug ID CSCue65051. | 6.8 |
| 2015-06-20 | CVE-2015-4202 | Information Exposure vulnerability in Cisco IOS 12.2(33)Sch/12.2Sch Cisco IOS 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS) does not properly restrict access to the IP Detail Record (IPDR) service, which allows remote attackers to obtain potentially sensitive MAC address and network-utilization information via crafted IPDR packets, aka Bug ID CSCua39203. | 5.0 |
| 2015-06-20 | CVE-2015-4198 | Cross-site Scripting vulnerability in Cisco web Security Appliance 8.5.0497 Cross-site scripting (XSS) vulnerability in the web framework on Cisco Web Security Appliance (WSA) devices with software 8.5.0-497 allows remote attackers to inject arbitrary web script or HTML via an unspecified HTTP header, aka Bug ID CSCuu24409. | 4.3 |
| 2015-06-20 | CVE-2015-4197 | Improper Input Validation vulnerability in Cisco Nx-Os 5.2(5) Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to cause a denial of service (device crash) by sending a malformed LLDP packet on the local network, aka Bug ID CSCud89415. | 6.1 |
| 2015-06-20 | CVE-2015-4201 | Improper Input Validation vulnerability in Cisco ASR 5000 Series Software 17.2.0.59184/18.0.L059219 The Gateway General Packet Radio Service Support Node (GGSN) component on Cisco ASR 5000 devices with software 17.2.0.59184 and 18.0.L0.59219 allows remote attackers to cause a denial of service (Session Manager restart) via an invalid TCP/IP header, aka Bug ID CSCut68058. | 5.0 |
| 2015-06-19 | CVE-2015-4195 | Resource Management Errors vulnerability in Cisco IOS XR 5.1.1.K9Sec Cisco IOS XR 5.1.1.K9SEC allows remote authenticated users to cause a denial of service (vty error, and SSH and TELNET outage) via a crafted disconnect action within an SSH session, aka Bug ID CSCul63127. | 4.0 |