Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-11-13 | CVE-2013-5552 | Permissions, Privileges, and Access Controls vulnerability in Cisco IOS Cisco IOS 12.4(24)MDB9 and earlier on Content Services Gateway (CSG) devices does not properly implement the "parse error drop" feature, which allows remote attackers to bypass intended access restrictions via a crafted series of packets, aka Bug ID CSCug90143. | 6.4 |
| 2013-11-08 | CVE-2013-5566 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Nx-Os Cisco NX-OS 5.0 and earlier on MDS 9000 devices allows remote attackers to cause a denial of service (supervisor CPU consumption) via Authentication Header (AH) authentication in a Virtual Router Redundancy Protocol (VRRP) frame, aka Bug ID CSCte27874. | 5.0 |
| 2013-11-08 | CVE-2013-5565 | Buffer Errors vulnerability in Cisco IOS XR 5.1.0 The OSPFv3 functionality in Cisco IOS XR 5.1 allows remote attackers to cause a denial of service (process crash) via a malformed LSA Type-1 packet, aka Bug ID CSCuj82176. | 4.3 |
| 2013-11-06 | CVE-2013-5563 | Cross-Site Scripting vulnerability in Cisco Security Monitoring Analysis and Response System Cross-site scripting (XSS) vulnerability in Query/NewQueryResult.jsp in Cisco Security Monitoring, Analysis and Response System (CS-MARS) allows remote attackers to inject arbitrary web script or HTML via the isnowLatency parameter, aka Bug ID CSCul16173. | 4.3 |
| 2013-11-06 | CVE-2013-5562 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution The ITM web server in Cisco Prime Central for Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (temporary HTTP service outage) via a flood of TCP packets, aka Bug ID CSCuh36313. | 5.0 |
| 2013-11-04 | CVE-2013-5564 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution The Java process in the Impact server in Cisco Prime Central for Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (process crash) via a flood of TCP packets, aka Bug ID CSCug57345. | 5.0 |
| 2013-11-04 | CVE-2013-5561 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance CX Context-Aware Security Software The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622. | 5.0 |
| 2013-11-04 | CVE-2013-5559 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Anyconnect Secure Mobility Client Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139. | 6.8 |
| 2013-11-01 | CVE-2013-5555 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Unified Communications Manager Cisco Unified Communications Manager (aka CUCM or Unified CM) allows remote attackers to cause a denial of service (service restart) via a crafted SIP message, aka Bug ID CSCub54349. | 4.3 |
| 2013-11-01 | CVE-2013-5548 | Permissions, Privileges, and Access Controls vulnerability in Cisco IOS The IKEv2 implementation in Cisco IOS, when AES-GCM or AES-GMAC is used, allows remote attackers to bypass certain IPsec anti-replay features via IPsec tunnel traffic, aka Bug ID CSCuj47795. | 4.3 |