|
248151
|
4.3 |
MEDIUM
Network
|
cisco
|
prime_collaboration_assurance
|
A vulnerability in the file download functions for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to download system files that should be restricted. More Informati…
|
CWE-20
Improper Input Validation
|
CVE-2017-3843
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248152
|
6.1 |
MEDIUM
Network
|
cisco
|
prime_collaboration_assurance
|
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a u…
|
CWE-79
Cross-site Scripting
|
CVE-2017-3845
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248153
|
5.3 |
MEDIUM
Network
|
cisco
|
intrusion_prevention_system_device_manager
|
A vulnerability in the web-based management interface of the Cisco Intrusion Prevention System Device Manager (IDM) could allow an unauthenticated, remote attacker to view sensitive information store…
|
CWE-200
Information Exposure
|
CVE-2017-3842
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248154
|
7.5 |
HIGH
Network
|
cisco
|
secure_access_control_system
|
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to disclose sensitive information. More Information: CSCvc04854. K…
|
CWE-200
Information Exposure
|
CVE-2017-3841
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248155
|
6.1 |
MEDIUM
Network
|
cisco
|
secure_access_control_system
|
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect V…
|
CWE-601
Open Redirect
|
CVE-2017-3840
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248156
|
4.3 |
MEDIUM
Network
|
cisco
|
secure_access_control_system
|
An XML External Entity vulnerability in the web-based user interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to have read access to part of the…
|
CWE-611
XXE
|
CVE-2017-3839
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248157
|
6.1 |
MEDIUM
Network
|
cisco
|
secure_access_control_system
|
A vulnerability in Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to conduct a DOM-based cross-site scripting (XSS) attack against the user of the web interf…
|
CWE-79
Cross-site Scripting
|
CVE-2017-3838
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248158
|
4.3 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in the web framework Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. More Information: CSCvb61689. Known Affected Releases…
|
CWE-200
Information Exposure
|
CVE-2017-3836
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248159
|
8.8 |
HIGH
Network
|
cisco
|
identity_services_engine_software
|
A vulnerability in the sponsor portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access notices owned by other users, because of SQL Injection. More Info…
|
CWE-89
SQL Injection
|
CVE-2017-3835
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248160
|
7.5 |
HIGH
Network
|
cisco
|
meeting_server
|
A vulnerability in an internal API of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected appliance. More Infor…
|
CWE-20
Improper Input Validation
|
CVE-2017-3830
|
2024-11-21 12:26 |
2017-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
