|
254991
|
5.4 |
MEDIUM
Network
|
cisco
|
emergency_responder
|
A vulnerability in the SQL database interface for Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a blind SQL injection attack. The vulnerability is due to a failur…
|
CWE-89
SQL Injection
|
CVE-2017-12227
|
2024-11-21 12:09 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254992
|
6.5 |
MEDIUM
Network
|
cisco
|
prime_lan_management_solution
|
A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow an authenticated, remote attacker to hijack another user's administrative session, aka a Session Fixati…
|
CWE-384
Session Fixation
|
CVE-2017-12225
|
2024-11-21 12:09 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254993
|
6.5 |
MEDIUM
Network
|
cisco
|
meeting_server
|
A vulnerability in the ability for guest users to join meetings via a hyperlink with Cisco Meeting Server could allow an authenticated, remote attacker to enter a meeting with a hyperlink URL, even t…
|
CWE-200
Information Exposure
|
CVE-2017-12224
|
2024-11-21 12:09 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254994
|
6.4 |
MEDIUM
Physics
|
cisco
|
ir800_integrated_services_router_firmware
|
A vulnerability in the ROM Monitor (ROMMON) code of Cisco IR800 Integrated Services Router Software could allow an unauthenticated, local attacker to boot an unsigned Hypervisor on an affected device…
|
CWE-20
Improper Input Validation
|
CVE-2017-12223
|
2024-11-21 12:09 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254995
|
5.4 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interf…
|
CWE-79
Cross-site Scripting
|
CVE-2017-12221
|
2024-11-21 12:09 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254996
|
6.1 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack aga…
|
CWE-79
Cross-site Scripting
|
CVE-2017-12220
|
2024-11-21 12:09 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254997
|
5.8 |
MEDIUM
Network
|
cisco
|
asyncos
|
A vulnerability in the malware detection functionality within Advanced Malware Protection (AMP) of Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated, re…
|
CWE-20
Improper Input Validation
|
CVE-2017-12218
|
2024-11-21 12:09 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254998
|
5.3 |
MEDIUM
Network
|
cisco
|
asr_5500_firmware
|
A vulnerability in the General Packet Radio Service (GPRS) Tunneling Protocol ingress packet handler of Cisco ASR 5500 System Architecture Evolution (SAE) Gateways could allow an unauthenticated, rem…
|
CWE-20
Improper Input Validation
|
CVE-2017-12217
|
2024-11-21 12:09 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254999
|
8.8 |
HIGH
Network
|
cisco
|
socialminer
|
A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. The vu…
|
CWE-611
XXE
|
CVE-2017-12216
|
2024-11-21 12:09 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255000
|
4.3 |
MEDIUM
Adjacent
|
cisco
|
ios_xe
|
A vulnerability in the dynamic access control list (ACL) feature of Cisco IOS XE Software running on Cisco Catalyst 4000 Series Switches could allow an unauthenticated, adjacent attacker to cause dyn…
|
CWE-287
Improper Authentication
|
CVE-2017-12213
|
2024-11-21 12:09 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
