|
246921
|
5.3 |
MEDIUM
Network
|
cisco
|
webex_meetings_server
|
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity (XXE) injection. An attacker could expl…
|
CWE-611
XXE
|
CVE-2018-0108
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246922
|
7.4 |
HIGH
Adjacent
|
cisco
|
nx-os
|
A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. T…
|
CWE-415
Double Free
|
CVE-2018-0102
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246923
|
4.4 |
MEDIUM
Local
|
cisco
|
anyconnect_secure_mobility_client
|
A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow an unauthenticated, local attacker to have read and write access to information stored in the affected…
|
CWE-611
XXE
|
CVE-2018-0100
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246924
|
8.8 |
HIGH
Network
|
cisco
|
d9800_firmware
|
A vulnerability in the web management GUI of the Cisco D9800 Network Transport Receiver could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due t…
|
CWE-78
OS Command
|
CVE-2018-0099
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246925
|
6.1 |
MEDIUM
Network
|
cisco
|
wap361_firmware
wap150_firmware
|
A vulnerability in the web-based management interface of Cisco WAP150 Wireless-AC/N Dual Radio Access Point with Power over Ethernet (PoE) and WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point …
|
CWE-79
Cross-site Scripting
|
CVE-2018-0098
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246926
|
6.1 |
MEDIUM
Network
|
cisco
|
prime_infrastructure
|
A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect. The vulnerability …
|
CWE-601
Open Redirect
|
CVE-2018-0097
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246927
|
5.9 |
MEDIUM
Network
|
cisco
|
prime_infrastructure
|
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one virtua…
|
CWE-863
Incorrect Authorization
|
CVE-2018-0096
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246928
|
7.8 |
HIGH
Local
|
cisco
|
asyncos
|
A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA) could allow an authenticated, local attacker to es…
|
NVD-CWE-noinfo
|
CVE-2018-0095
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246929
|
7.5 |
HIGH
Network
|
cisco
|
unified_computing_system_central_software
|
A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high CPU utilizati…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-0094
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246930
|
6.1 |
MEDIUM
Network
|
cisco
|
web_security_appliance
|
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack ag…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0093
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
