|
246781
|
4.3 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection …
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2018-0266
|
2024-11-21 12:37 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246782
|
4.3 |
MEDIUM
Network
|
cisco
|
digital_network_architecture_center
|
A vulnerability in the web framework of the Cisco Digital Network Architecture Center (DNA Center) could allow an unauthenticated, remote attacker to communicate with the Kong API server without rest…
|
CWE-863
Incorrect Authorization
|
CVE-2018-0269
|
2024-11-21 12:37 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246783
|
6.5 |
MEDIUM
Local
|
cisco
|
unified_communications_manager
|
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. This could include LDAP cre…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2018-0267
|
2024-11-21 12:37 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246784
|
5.3 |
MEDIUM
Network
|
cisco
|
mate_live
|
A vulnerability in the web interface of Cisco MATE Live could allow an unauthenticated, remote attacker to view and download the contents of certain web application virtual directories. The vulnerabi…
|
CWE-20
Improper Input Validation
|
CVE-2018-0260
|
2024-11-21 12:37 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246785
|
8.8 |
HIGH
Network
|
cisco
|
mate_collector
|
A vulnerability in the web-based management interface of Cisco MATE Collector could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitra…
|
CWE-352
Origin Validation Error
|
CVE-2018-0259
|
2024-11-21 12:37 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246786
|
4.3 |
MEDIUM
Adjacent
|
cisco
|
ios_xe
|
A vulnerability in Cisco IOS XE Software running on Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, adjacent attacker to cause high CPU usage on an affected device, resul…
|
NVD-CWE-noinfo
|
CVE-2018-0257
|
2024-11-21 12:37 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246787
|
5.8 |
MEDIUM
Network
|
cisco
|
asr_5000_series_software
|
A vulnerability in the peer-to-peer message processing functionality of Cisco Packet Data Network Gateway could allow an unauthenticated, remote attacker to cause the Session Manager (SESSMGR) proces…
|
CWE-20
Improper Input Validation
|
CVE-2018-0256
|
2024-11-21 12:37 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246788
|
8.8 |
HIGH
Network
|
cisco
|
ios
|
A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against…
|
CWE-352
Origin Validation Error
|
CVE-2018-0255
|
2024-11-21 12:37 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246789
|
5.3 |
MEDIUM
Network
|
cisco
|
firepower_threat_defense
|
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypa…
|
CWE-693
Protection Mechanism Failure
|
CVE-2018-0254
|
2024-11-21 12:37 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246790
|
6.1 |
MEDIUM
Network
|
cisco
|
adaptive_security_appliance_software
|
A vulnerability in the Web Server Authentication Required screen of the Clientless Secure Sockets Layer (SSL) VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthentic…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0251
|
2024-11-21 12:37 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
