Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-26 | CVE-2017-3805 | Information Exposure vulnerability in Cisco IOX 1.0(0) A vulnerability in the web-based management interface of Cisco IOS and Cisco IOx Software could allow an unauthenticated, remote attacker to view confidential information that is displayed without authenticating to the device. | 5.3 |
| 2017-01-26 | CVE-2017-3804 | Unspecified vulnerability in Cisco Nx-Os A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches software could allow an unauthenticated, adjacent attacker to cause a reload of the affected device. high complexity cisco | 6.1 |
| 2017-01-26 | CVE-2017-3803 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS 15.2(2)E3/15.2(4)E1 A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial of service (DoS) condition. | 4.7 |
| 2017-01-26 | CVE-2017-3802 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager 12.0(0.99000.9) A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 6.1 |
| 2017-01-26 | CVE-2017-3800 | Improper Input Validation vulnerability in Cisco Email Security Appliance 9.7.1066/9.7.1Hp2207/9.8.5085 A vulnerability in the content scanning engine of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured message or content filters on the device. | 5.8 |
| 2017-01-26 | CVE-2017-3799 | Open Redirect vulnerability in Cisco Webex Meeting Center Wbs28Base A vulnerability in a URL parameter of Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to perform site redirection. | 5.4 |
| 2017-01-26 | CVE-2017-3798 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager 11.5(1.12000.1) A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to mount XSS attacks against a user of an affected device. | 6.1 |
| 2017-01-26 | CVE-2017-3797 | Information Exposure vulnerability in Cisco Webex Meetings Server 2.7.1/2.7Base A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view the fully qualified domain name of the Cisco WebEx administration server. | 5.3 |
| 2017-01-26 | CVE-2017-3795 | Improper Authentication vulnerability in Cisco Webex Meetings Server 2.6.0 A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct arbitrary password changes against any non-administrative user. | 5.4 |
| 2017-01-26 | CVE-2016-9222 | Cross-site Scripting vulnerability in Cisco Netflow Generation Appliance 1.0(2) A vulnerability in the web-based management interface of Cisco NetFlow Generation Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |