Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-04 | CVE-2017-6724 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.1(0.0) A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 6.1 |
| 2017-07-04 | CVE-2017-6722 | Improper Authentication vulnerability in Cisco Unified Contact Center Express 11.5.1Es01/11.5.1Su1/11.5(1) A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of Cisco Unified Contact Center Express (UCCx) could allow an unauthenticated, remote attacker to masquerade as a legitimate user, aka a Clear Text Authentication Vulnerability. | 6.1 |
| 2017-07-04 | CVE-2017-6721 | Improper Input Validation vulnerability in Cisco Wide Area Application Services 6.3(1) A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause the WAASNET process to restart unexpectedly, causing a denial of service (DoS) condition. | 5.3 |
| 2017-07-04 | CVE-2017-6719 | Improper Input Validation vulnerability in Cisco IOS XR 6.0.2/6.0.2.01 A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands on the host operating system with root privileges, aka Command Injection. | 6.7 |
| 2017-07-04 | CVE-2017-6718 | Improper Input Validation vulnerability in Cisco IOS XR 6.0.2/6.0.2.01 A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges to the root level. | 6.7 |
| 2017-07-04 | CVE-2017-6717 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. | 5.4 |
| 2017-07-04 | CVE-2017-6716 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 5.4 |
| 2017-07-04 | CVE-2017-6715 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. | 5.4 |
| 2017-07-04 | CVE-2017-6706 | Information Exposure vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. | 5.1 |
| 2017-07-04 | CVE-2017-6705 | Information Exposure vulnerability in Cisco Prime Collaboration Provisioning 12.1 A vulnerability in the filesystem of the Cisco Prime Collaboration Provisioning tool could allow an authenticated, local attacker to acquire sensitive information. | 5.5 |