Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-13 | CVE-2017-6680 | Improper Input Validation vulnerability in Cisco Ultra Services Framework 21.0.0 A vulnerability in the AutoVNF logging function of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to create arbitrary directories on the affected system. | 7.5 |
| 2017-06-13 | CVE-2017-6674 | Improper Input Validation vulnerability in Cisco Firesight System A vulnerability in the feature-license management functionality of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass URL filters that have been configured for an affected device. | 7.5 |
| 2017-06-13 | CVE-2017-6671 | Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware 10.0.1087/9.7.1066 A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device, as demonstrated by the Attachment Filter. | 7.5 |
| 2017-06-13 | CVE-2017-6659 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 11.5(0)/11.6 A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2017-06-13 | CVE-2017-4994 | Improper Input Validation vulnerability in multiple products An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v263; UAA release 2.x versions prior to v2.7.4.18, 3.6.x versions prior to v3.6.12, 3.9.x versions prior to v3.9.14, and other versions prior to v4.3.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.16, 24.x versions prior to v24.11, 30.x versions prior to 30.4, and other versions prior to v40. | 7.5 |
| 2017-06-13 | CVE-2017-4991 | Improper Privilege Management vulnerability in multiple products An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v260; UAA release 2.x versions prior to v2.7.4.16, 3.6.x versions prior to v3.6.10, 3.9.x versions prior to v3.9.12, and other versions prior to v3.17.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.14, 24.x versions prior to v24.9, 30.x versions prior to 30.2, and other versions prior to v36. | 7.2 |
| 2017-06-13 | CVE-2017-4975 | Incorrect Default Permissions vulnerability in Pivotal PCF Tile Generator 5.0.7 An issue was discovered in Pivotal PCF Tile Generator versions prior to 6.0.0. | 7.5 |
| 2017-06-13 | CVE-2017-4973 | Improper Privilege Management vulnerability in multiple products An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3.6.8, 3.9.x versions prior to v3.9.10, and other versions prior to v3.15.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.12, 24.x versions prior to v24.7, and other versions prior to v30. | 8.8 |
| 2017-06-13 | CVE-2017-4972 | SQL Injection vulnerability in multiple products An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA release 2.x versions prior to v2.7.4.14, 3.6.x versions prior to v3.6.8, 3.9.x versions prior to v3.9.10, and other versions prior to v3.15.0; and UAA bosh release (uaa-release) 13.x versions prior to v13.12, 24.x versions prior to v24.7, and other versions prior to v30. | 7.5 |
| 2017-06-13 | CVE-2017-4966 | Information Exposure vulnerability in multiple products An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. | 7.8 |