Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-05-04 | CVE-2013-1240 | Improper Input Validation vulnerability in Cisco Unified Communications Manager The command-line interface in Cisco Unified Communications Manager (CUCM) does not properly validate input, which allows local users to read arbitrary files via unspecified vectors, aka Bug ID CSCue25770. | 4.6 |
| 2013-05-04 | CVE-2013-1235 | Remote Denial of Service vulnerability in Cisco Wireless LAN Controller Cisco Wireless LAN Controller (WLC) devices do not properly address the resource consumption of terminated TELNET sessions, which allows remote attackers to cause a denial of service (TELNET outage) by making many TELNET connections and improperly ending these connections, aka Bug ID CSCug35507. | 5.0 |
| 2013-05-04 | CVE-2013-1232 | Improper Input Validation vulnerability in Cisco products The HTTP implementation in Cisco WebEx Node for MCS, WebEx Meetings Server, and WebEx Node for ASR 1000 Series allows remote attackers to read the contents of uninitialized memory locations via a crafted request, aka Bug IDs CSCue36672, CSCue31363, CSCuf17466, and CSCug61252. | 5.0 |
| 2013-05-03 | CVE-2013-1234 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS XR The SNMP module in Cisco IOS XR allows remote authenticated users to cause a denial of service (process restart) via crafted SNMP packets, aka Bug ID CSCue69472. | 4.0 |
| 2013-05-03 | CVE-2013-1231 | Improper Input Validation vulnerability in Cisco Webex Meetings Server and Webex Node FOR MCS The HTTP implementation in Cisco WebEx Node for MCS and WebEx Meetings Server allows remote attackers to read cache files via a crafted request, aka Bug IDs CSCue36664 and CSCue36629. | 5.0 |
| 2013-05-01 | CVE-2013-1230 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Unified Communications Domain Manager Cisco Unified Communications Domain Manager allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed UDP packets, aka Bug ID CSCug47057. | 5.0 |
| 2013-05-01 | CVE-2013-1229 | Improper Input Validation vulnerability in Cisco Telepresence Management Suite TMSSNMPService.exe in TelePresence Manager in Cisco TelePresence Management Suite (TMS) on 64-bit platforms allows remote attackers to cause a denial of service (process crash) via SNMP traps, aka Bug ID CSCue00028. | 5.0 |
| 2013-05-01 | CVE-2013-1160 | Cross-Site Scripting vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution Cross-site scripting (XSS) vulnerability in the OpenView web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud56743. | 4.3 |
| 2013-05-01 | CVE-2013-1159 | Cross-Site Scripting vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution Cross-site scripting (XSS) vulnerability in the Netcool Impact (NCI) web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud56706. | 4.3 |
| 2013-05-01 | CVE-2013-1158 | Cross-Site Scripting vulnerability in Cisco Prime Central FOR Hosted Collaboration Solution Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring (ITM) help menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud54397. | 4.3 |