|
258221
|
5.3 |
MEDIUM
Network
|
cisco
|
email_security_appliance_firmware
|
A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a HTTP response splitting attack. The vulnerability is due to the failure of the…
|
CWE-113
HTTP Response Splitting
|
CVE-2017-12309
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258222
|
4.4 |
MEDIUM
Local
|
cisco
|
conference_director
|
A vulnerability in the upgrade process of Cisco Spark Board could allow an authenticated, local attacker to install an unverified upgrade package, aka Signature Verification Bypass. The vulnerability…
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2017-12306
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258223
|
6.1 |
MEDIUM
Network
|
cisco
|
ios
|
A vulnerability in the IOS daemon (IOSd) web-based management interface of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack…
|
CWE-79
Cross-site Scripting
|
CVE-2017-12304
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258224
|
5.3 |
MEDIUM
Network
|
cisco
|
asyncos
|
A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to byp…
|
CWE-358
Improperly Implemented Security Check for Standard
|
CVE-2017-12303
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258225
|
4.3 |
MEDIUM
Network
|
cisco
|
unified_communications_domain_manager
|
A vulnerability in the Cisco Unified Communications Manager SQL database interface could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL…
|
CWE-89
SQL Injection
|
CVE-2017-12302
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258226
|
5.8 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message…
|
CWE-20
Improper Input Validation
|
CVE-2017-12300
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258227
|
5.3 |
MEDIUM
Network
|
cisco
|
firepower_extensible_operating_system
|
A vulnerability exists in the process of creating default IP blocks during device initialization for Cisco ASA Next-Generation Firewall Services that could allow an unauthenticated, remote attacker t…
|
CWE-20
Improper Input Validation
|
CVE-2017-12299
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258228
|
6.1 |
MEDIUM
Network
|
cisco
|
email_encryption
|
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) …
|
CWE-79
Cross-site Scripting
|
CVE-2017-12292
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258229
|
6.1 |
MEDIUM
Network
|
cisco
|
email_encryption
|
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) …
|
CWE-79
Cross-site Scripting
|
CVE-2017-12291
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258230
|
6.1 |
MEDIUM
Network
|
cisco
|
email_encryption
|
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) …
|
CWE-79
Cross-site Scripting
|
CVE-2017-12290
|
2024-11-21 12:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
