Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-22 | CVE-2017-6650 | Command Injection vulnerability in Cisco Nx-Os A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. | 7.8 |
| 2017-05-22 | CVE-2017-6649 | Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. | 7.8 |
| 2017-05-22 | CVE-2017-6641 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Remote Expert Manager 11.0.0 A vulnerability in the TCP connection handling functionality of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to disable TCP ports and cause a denial of service (DoS) condition on an affected system. | 7.5 |
| 2017-05-22 | CVE-2017-6634 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Industrial Ethernet 1000 Series Firmware 1.3Base A vulnerability in the Device Manager web interface of Cisco Industrial Ethernet 1000 Series Switches 1.3 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system. | 8.8 |
| 2017-05-22 | CVE-2017-6633 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Unified Computing System 3.0(0.234) A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers 3.0(0.234) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2017-05-22 | CVE-2017-6632 | Resource Exhaustion vulnerability in Cisco Firepower Threat Defense A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. | 7.5 |
| 2017-05-21 | CVE-2017-9138 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tendacn F1200 Firmware, F1202 Firmware and Fh1202 Firmware There is a debug-interface vulnerability on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). | 8.0 |
| 2017-05-21 | CVE-2017-9137 | Insecure Default Initialization of Resource vulnerability in Ceragon Fiberair Ip-10 Firmware Ceragon FibeAir IP-10 wireless radios through 7.2.0 have a default password of mateidu for the mateidu account (a hidden user account established by the vendor). | 7.3 |
| 2017-05-21 | CVE-2017-9136 | Incorrect Permission Assignment for Critical Resource vulnerability in Mimosa Backhaul Radios and Client Radios An issue was discovered on Mimosa Client Radios before 2.2.3. | 7.5 |
| 2017-05-21 | CVE-2017-9135 | Injection vulnerability in Mimosa Backhaul Radios and Client Radios An issue was discovered on Mimosa Client Radios before 2.2.4 and Mimosa Backhaul Radios before 2.2.4. | 8.8 |