|
250651
|
6.1 |
MEDIUM
Network
|
cisco
|
registered_envelope_service
|
A vulnerability in the web interface of the Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to redirect a user to a undesired web page, aka an Open Redirect. This vu…
|
CWE-20
CWE-601
Improper Input Validation
Open Redirect
|
CVE-2017-3889
|
2024-11-21 12:26 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250652
|
5.4 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack ag…
|
CWE-79
Cross-site Scripting
|
CVE-2017-3888
|
2024-11-21 12:26 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250653
|
5.9 |
MEDIUM
Network
|
cisco
|
firepower_threat_defense
|
A vulnerability in the detection engine that handles Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of servic…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2017-3887
|
2024-11-21 12:26 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250654
|
6.1 |
MEDIUM
Network
|
cisco
|
prime_infrastructure
|
A vulnerability in the HTTP web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user …
|
CWE-79
Cross-site Scripting
|
CVE-2017-3848
|
2024-11-21 12:26 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250655
|
4.3 |
MEDIUM
Network
|
cisco
|
unified_computing_system_director
|
A vulnerability in the role-based resource checking functionality of Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for a…
|
CWE-863
Incorrect Authorization
|
CVE-2017-3817
|
2024-11-21 12:26 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250656
|
4.9 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in the Cisco Unified Communications Manager web interface could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries,…
|
CWE-89
SQL Injection
|
CVE-2017-3886
|
2024-11-21 12:26 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250657
|
5.9 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of servi…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-3885
|
2024-11-21 12:26 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250658
|
6.5 |
MEDIUM
Network
|
cisco
|
prime_infrastructure
evolved_programmable_network_manager
|
A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to access sensitive data. The att…
|
CWE-200
Information Exposure
|
CVE-2017-3884
|
2024-11-21 12:26 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250659
|
8.8 |
HIGH
Local
|
cloudfoundry
|
bosh_azure_cpi
|
Cloud Foundry Foundation BOSH Azure CPI v22 could potentially allow a maliciously crafted stemcell to execute arbitrary code on VMs created by the director, aka a "CPI code injection vulnerability."
|
CWE-94
Code Injection
|
CVE-2017-4964
|
2024-11-21 12:26 |
2017-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250660
|
9.8 |
CRITICAL
Network
|
cisco
|
aironet_access_point_firmware
|
A vulnerability in Cisco Aironet 1830 Series and Cisco Aironet 1850 Series Access Points running Cisco Mobility Express Software could allow an unauthenticated, remote attacker to take complete contr…
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2017-3834
|
2024-11-21 12:26 |
2017-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
