|
250041
|
6.1 |
MEDIUM
Network
|
cisco
|
prime_infrastructure
|
A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect. The vulnerability …
|
CWE-601
Open Redirect
|
CVE-2018-0097
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250042
|
5.9 |
MEDIUM
Network
|
cisco
|
prime_infrastructure
|
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one virtua…
|
CWE-863
Incorrect Authorization
|
CVE-2018-0096
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250043
|
7.8 |
HIGH
Local
|
cisco
|
asyncos
|
A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA) could allow an authenticated, local attacker to es…
|
NVD-CWE-noinfo
|
CVE-2018-0095
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250044
|
7.5 |
HIGH
Network
|
cisco
|
unified_computing_system_central_software
|
A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high CPU utilizati…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-0094
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250045
|
6.1 |
MEDIUM
Network
|
cisco
|
web_security_appliance
|
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack ag…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0093
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250046
|
7.1 |
HIGH
Local
|
cisco
|
nx-os
|
A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software could allow an authenticated, local attacker to improperly delete valid user accounts. The network-ope…
|
CWE-862
Missing Authorization
|
CVE-2018-0092
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250047
|
6.1 |
MEDIUM
Network
|
cisco
|
identity_services_engine
|
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a Document Object Model (DOM) cross-site scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0091
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250048
|
7.5 |
HIGH
Network
|
cisco
|
nx-os
|
A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to bypass configured ACLs on the managem…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-0090
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250049
|
7.5 |
HIGH
Network
|
cisco
|
policy_suite
|
A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this …
|
CWE-312
CWE-732
Cleartext Storage of Sensitive Information
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-0089
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250050
|
6.7 |
MEDIUM
Local
|
cisco
|
industrial_ethernet_4010_series_firmware
|
A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software could allow an authenticated, local attacker to impact the stab…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-0088
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
