|
247011
|
8.8 |
HIGH
Network
|
cisco
|
prime_service_catalog
|
A vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a la…
|
CWE-352
Origin Validation Error
|
CVE-2018-0107
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247012
|
3.3 |
LOW
Local
|
cisco
|
elastic_services_controller
|
A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local attacker to access sensitive information on a targeted system. The vulnerabili…
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2018-0106
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247013
|
5.3 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protectio…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2018-0105
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247014
|
5.3 |
MEDIUM
Network
|
cisco
|
webex_meetings_server
|
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain inf…
|
CWE-200
Information Exposure
|
CVE-2018-0111
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247015
|
8.1 |
HIGH
Network
|
cisco
|
webex_meetings_server
|
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access the remote support account even after it has been disabled via the web application. The vulnerab…
|
CWE-863
Incorrect Authorization
|
CVE-2018-0110
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247016
|
2.7 |
LOW
Network
|
cisco
|
webex_meetings_server
|
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to obtain inf…
|
CWE-200
Information Exposure
|
CVE-2018-0109
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247017
|
5.3 |
MEDIUM
Network
|
cisco
|
webex_meetings_server
|
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity (XXE) injection. An attacker could expl…
|
CWE-611
XXE
|
CVE-2018-0108
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247018
|
7.4 |
HIGH
Adjacent
|
cisco
|
nx-os
|
A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. T…
|
CWE-415
Double Free
|
CVE-2018-0102
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247019
|
4.4 |
MEDIUM
Local
|
cisco
|
anyconnect_secure_mobility_client
|
A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow an unauthenticated, local attacker to have read and write access to information stored in the affected…
|
CWE-611
XXE
|
CVE-2018-0100
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247020
|
8.8 |
HIGH
Network
|
cisco
|
d9800_firmware
|
A vulnerability in the web management GUI of the Cisco D9800 Network Transport Receiver could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due t…
|
CWE-78
OS Command
|
CVE-2018-0099
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
