Latest CVE Feed
-
7.8
HIGHCVE-2018-0351
A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. A... Read more
Affected Products : vbond_orchestrator vedge-plus vedge-pro vmanage_network_management vsmart_controller vedge-100_firmware vedge_100b_firmware vedge_100m_firmware vedge_100wm_firmware vedge-1000_firmware +9 more products- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2018-0350
A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. A... Read more
Affected Products : vbond_orchestrator vedge-plus vedge-pro vmanage_network_management vsmart_controller vedge-100_firmware vedge_100b_firmware vedge_100m_firmware vedge_100wm_firmware vedge-1000_firmware +9 more products- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2018-0349
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-te... Read more
Affected Products : vbond_orchestrator vedge-plus vedge-pro vmanage_network_management vsmart_controller vedge-100_firmware vedge_100b_firmware vedge_100m_firmware vedge_100wm_firmware vedge-1000_firmware +9 more products- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2018-0348
A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit... Read more
Affected Products : vbond_orchestrator vedge-plus vedge-pro vmanage_network_management vsmart_controller vedge-100_firmware vedge_100b_firmware vedge_100m_firmware vedge_100wm_firmware vedge-1000_firmware +9 more products- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-0347
A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input va... Read more
Affected Products : vbond_orchestrator vedge-plus vedge-pro vmanage_network_management vsmart_controller vedge-100_firmware vedge_100b_firmware vedge_100m_firmware vedge_100wm_firmware vedge-1000_firmware +9 more products- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-0346
A vulnerability in the Zero Touch Provisioning service of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect bounds checks for... Read more
Affected Products : vbond_orchestrator vedge-plus vedge-pro vmanage_network_management vsmart_controller vedge-100_firmware vedge_100b_firmware vedge_100m_firmware vedge_100wm_firmware vedge-1000_firmware +9 more products- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2018-0345
A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the aff... Read more
Affected Products : vbond_orchestrator vedge-plus vedge-pro vmanage_network_management vsmart_controller vedge-100_firmware vedge_100b_firmware vedge_100m_firmware vedge_100wm_firmware vedge-1000_firmware +9 more products- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2018-0344
A vulnerability in the vManage dashboard for the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. T... Read more
Affected Products : vbond_orchestrator vedge-plus vedge-pro vmanage_network_management vsmart_controller vedge-100_firmware vedge_100b_firmware vedge_100m_firmware vedge_100wm_firmware vedge-1000_firmware +9 more products- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2018-0343
A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary code with vmanage user privileges or cause a denial of service (DoS) condition on an affected syste... Read more
Affected Products : vbond_orchestrator vedge-plus vedge-pro vmanage_network_management vsmart_controller vedge-100_firmware vedge_100b_firmware vedge_100m_firmware vedge_100wm_firmware vedge-1000_firmware +9 more products- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2018-0342
A vulnerability in the configuration and monitoring service of the Cisco SD-WAN Solution could allow an authenticated, local attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. The vu... Read more
Affected Products : vbond_orchestrator vedge-plus vedge-pro vmanage_network_management vsmart_controller vedge-100_firmware vedge_100b_firmware vedge_100m_firmware vedge_100wm_firmware vedge-1000_firmware +9 more products- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2018-0341
A vulnerability in the web-based UI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware before 11.2(1) could allow an authenticated, remote attacker to perform a command injection and execute commands with the privileges of the web s... Read more
Affected Products : ip_phone_multiplatform_firmware ip_phone_firmware ip_phone_7861 ip_phone_8851 ip_phone_6841 ip_phone_6851 ip_phone_7811 ip_phone_7821 ip_phone_7841 ip_phone_8811 +4 more products- Published: Jul. 16, 2018
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2018-0340
A vulnerability in the web framework of the Cisco Unified Communications Manager (Unified CM) software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected syste... Read more
Affected Products : unified_communications_manager- Published: Jun. 07, 2018
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2018-0339
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is du... Read more
Affected Products : identity_services_engine_software- Published: Jun. 07, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-0338
A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System (UCS) Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected s... Read more
- Published: Jun. 07, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-0337
A vulnerability in the role-based access-checking mechanisms of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected device. The vulnerability exists because the affected software lacks proper inpu... Read more
Affected Products : nx-os nexus_7000 nx-os nexus_5000 nexus_5010 nexus_5020 nexus_5548p nexus_5548up nexus_5596up nexus_5596t +6 more products- Published: Jun. 21, 2018
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2018-0336
A vulnerability in the batch provisioning feature of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to escalate privileges to the Administrator level. The vulnerability is due to insufficient authorization enforcement... Read more
Affected Products : prime_collaboration- Published: Jun. 07, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-0335
A vulnerability in the web portal authentication process of Cisco Prime Collaboration Provisioning could allow an unauthenticated, local attacker to view sensitive data. The vulnerability is due to improper logging of authentication data. An attacker coul... Read more
Affected Products : prime_collaboration- Published: Jun. 07, 2018
- Modified: Nov. 21, 2024
-
5.8
MEDIUMCVE-2018-0334
A vulnerability in the certificate management subsystem of Cisco AnyConnect Network Access Manager and of Cisco AnyConnect Secure Mobility Client for iOS, Mac OS X, Android, Windows, and Linux could allow an unauthenticated, remote attacker to bypass the ... Read more
Affected Products : anyconnect_secure_mobility_client- Published: Jun. 07, 2018
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2018-0332
A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a lack of flow-... Read more
- Published: Jun. 07, 2018
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2018-0331
A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) cond... Read more
Affected Products : nx-os firepower_extensible_operating_system fxos mds_9000 nexus_7000 nexus_5000 nexus_5010 nexus_5020 nexus_5548p nexus_5548up +68 more products- Published: Jun. 21, 2018
- Modified: Nov. 21, 2024