Vulnerabilities > Cisco > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-07-02 | CVE-2013-3401 | Security Bypass vulnerability in Cisco TelePresence TC Software The SIP implementation in Cisco TelePresence TC Software allows remote attackers to trigger unintended use of NOTIFY messages via unspecified vectors, aka Bug ID CSCud96080. network cisco | 4.3 |
2013-07-02 | CVE-2013-3399 | Buffer Errors vulnerability in Cisco Desktop Collaboration Experience Dx650 Buffer overflow in an unspecified Android API on the Cisco Desktop Collaboration Experience DX650 allows attackers to execute arbitrary code via vectors that leverage incorrect memory allocation, aka Bug IDs CSCuf93957, CSCug22352, and CSCug22462. | 6.6 |
2013-07-02 | CVE-2013-3395 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuh70263, CSCuh70323, and CSCuh26634. | 6.8 |
2013-06-26 | CVE-2013-3398 | Information Exposure vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance provides different responses to requests for arbitrary pathnames depending on whether the pathname exists, which allows remote attackers to enumerate directories and files via a series of crafted requests, aka Bug ID CSCuh64574. | 5.0 |
2013-06-26 | CVE-2013-3397 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability component in Cisco Unified Communications Manager (CUCM) allows remote attackers to hijack the authentication of arbitrary users for requests that perform Unified Serviceability actions, aka Bug ID CSCuh10298. | 6.8 |
2013-06-26 | CVE-2013-3396 | Cross-Site Scripting vulnerability in Cisco Content Security Management Appliance Cross-site scripting (XSS) vulnerability in the web framework in Cisco Content Security Management on Security Management Appliance (SMA) devices allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuh24749. | 4.3 |
2013-06-26 | CVE-2013-3393 | Improper Input Validation vulnerability in Cisco Jabber and Virtualization Experience Media Engine The Precision Video Engine component in Cisco Jabber for Windows and Cisco Virtualization Experience Media Engine allows remote attackers to cause a denial of service (process crash and call disconnection) via crafted RTP packets, aka Bug IDs CSCuh60706 and CSCue21117. | 5.0 |
2013-06-21 | CVE-2013-3392 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Webex Social Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco WebEx Social allow remote attackers to hijack the authentication of arbitrary users via unspecified vectors, aka Bug IDs CSCuh10405 and CSCuh10355. | 4.3 |
2013-06-18 | CVE-2013-1203 | Improper Input Validation vulnerability in Cisco ASA CX Context-Aware Security Software Cisco ASA CX Context-Aware Security Software allows remote attackers to cause a denial of service (device reload) via crafted TCP packets that appear to have been forwarded by a Cisco Adaptive Security Appliances (ASA) device, aka Bug ID CSCue88386. | 5.4 |
2013-06-14 | CVE-2013-3376 | Improper Input Validation vulnerability in Cisco Video Surveillance Operations Manager Open redirect vulnerability in the help page in Cisco Video Surveillance Operations Manager allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID CSCty74490. | 4.3 |