Latest CVE Feed
-
7.5
HIGHCVE-2018-0409
A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service (CUCM IM&P) and the Cisco TelePresence Video Communication Server (VCS) and Expressway could allow an unauthenticated, remote attacker to cause a t... Read more
- Published: Aug. 15, 2018
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2018-0408
A vulnerability in the web-based management interface of Cisco Small Business 300 Series (Sx300) Managed Switches could allow an authenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based manage... Read more
Affected Products : sf300-08_firmware sf302-08_firmware sf302-08p_firmware sf302-08pp_firmware sf302-08mp_firmware sf302-08mpp_firmware sf300-24_firmware sf300-24p_firmware sf300-24pp_firmware sf300-24mp_firmware +46 more products- Published: Aug. 01, 2018
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2018-0407
A vulnerability in the web-based management interface of Cisco Small Business 300 Series (Sx300) Managed Switches could allow an authenticated, remote attacker to conduct a persistent cross-site scripting (XSS) attack against a user of the web-based manag... Read more
Affected Products : sf300-08_firmware sf302-08_firmware sf302-08p_firmware sf302-08pp_firmware sf302-08mp_firmware sf302-08mpp_firmware sf300-24_firmware sf300-24p_firmware sf300-24pp_firmware sf300-24mp_firmware +46 more products- Published: Aug. 01, 2018
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2018-0406
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected or Document Object Model based (DOM-based) cross-site scripting (XSS) attack against a user ... Read more
Affected Products : web_security_appliance- Published: Aug. 01, 2018
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2018-0405
A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal att... Read more
- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2018-0404
A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The att... Read more
Affected Products : rv180w_wireless-n_multifunction_vpn_router rv220w_wireless_network_security_firewall- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2018-0403
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040.... Read more
- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2018-0402
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. Cisco Bug IDs: CSCvg70921.... Read more
- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2018-0401
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. Cisco Bug I... Read more
- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2018-0400
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. Cisco Bug I... Read more
- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2018-0399
Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to retrieve a cleartext password from an affected system. Cisco Bug IDs: CSCvg71044.... Read more
Affected Products : finesse- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2018-0398
Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack. Cisco Bug IDs: CSCvg71018.... Read more
Affected Products : finesse- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2018-0397
A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. The vulnerabi... Read more
- Published: Aug. 01, 2018
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2018-0396
A vulnerability in the web framework of the Cisco Unified Communications Manager IM and Presence Service software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affe... Read more
Affected Products : unified_communications_manager_im_and_presence_service- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2018-0395
A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads... Read more
Affected Products : nx-os firepower_extensible_operating_system nexus_7000_10-slot nexus_7000_18-slot nexus_7000_9-slot nexus_7000_4-slot nexus_7700_10-slot nexus_7700_18-slot nexus_7700_2-slot nexus_7700_6-slot +2 more products- Published: Oct. 17, 2018
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2018-0394
A vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to obtain restricted shell access on an affected system. The vulnerability is due to insufficient input validation of parameters... Read more
Affected Products : cloud_services_platform_2100- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2018-0393
A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote attacker to make policy changes in the Policy Builder interface. The vulnerability is due to insufficient authorization... Read more
- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2018-0392
A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions (i.e., World-Readable). An attacker could exploit this... Read more
- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024
-
6.8
MEDIUMCVE-2018-0391
A vulnerability in the password change function of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to cause the system to become inoperable. The vulnerability is due to insufficient validation of a password change requ... Read more
- Published: Aug. 01, 2018
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2018-0390
A vulnerability in the web framework of Cisco Webex could allow an unauthenticated, remote attacker to conduct a Document Object Model-based (DOM-based) cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vul... Read more
Affected Products : webex_meetings- Published: Jul. 18, 2018
- Modified: Nov. 21, 2024