|
255371
|
6.1 |
MEDIUM
Network
|
cisco
|
unified_communications_manager_im_and_presence_service
|
A vulnerability in the web framework of the Cisco Unified Communications Manager IM and Presence Service software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS)…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0396
|
2024-11-21 12:38 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255372
|
8.8 |
HIGH
Network
|
cisco
|
cloud_services_platform_2100
|
A vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to obtain restricted shell access on an affected system. The vulnerabili…
|
CWE-20
Improper Input Validation
|
CVE-2018-0394
|
2024-11-21 12:38 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255373
|
6.5 |
MEDIUM
Network
|
cisco
|
mobility_services_engine_3365_firmware mobility_services_engine_3355_firmware mobility_services_engine_3310_firmware
|
A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote attacker to make policy changes in the Policy Builder interface…
|
NVD-CWE-noinfo
|
CVE-2018-0393
|
2024-11-21 12:38 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255374
|
5.5 |
MEDIUM
Local
|
cisco
|
mobility_services_engine_3365_firmware mobility_services_engine_3355_firmware mobility_services_engine_3310_firmware
|
A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permission…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-0392
|
2024-11-21 12:38 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255375
|
6.1 |
MEDIUM
Network
|
cisco
|
webex_meetings
|
A vulnerability in the web framework of Cisco Webex could allow an unauthenticated, remote attacker to conduct a Document Object Model-based (DOM-based) cross-site scripting (XSS) attack against the …
|
CWE-79
Cross-site Scripting
|
CVE-2018-0390
|
2024-11-21 12:38 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255376
|
8.8 |
HIGH
Network
|
cisco
|
webex_teams
|
A vulnerability in Cisco Webex Teams (for Windows and macOS) could allow an unauthenticated, remote attacker to execute arbitrary code on the user's device, possibly with elevated privileges. The vul…
|
CWE-20
Improper Input Validation
|
CVE-2018-0387
|
2024-11-21 12:38 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255377
|
5.5 |
MEDIUM
Local
|
cisco
|
webex_meetings_online
|
Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities …
|
NVD-CWE-noinfo
|
CVE-2018-0380
|
2024-11-21 12:38 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255378
|
7.8 |
HIGH
Local
|
cisco
|
webex_meetings_online webex_business_suite webex_meeting_server
|
Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-0379
|
2024-11-21 12:38 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255379
|
9.8 |
CRITICAL
Network
|
cisco
|
mobility_services_engine policy_suite
|
A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18.1.0 could allow an unauthenticated, remote attacker to directly connect to the OSGi interface. …
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2018-0377
|
2024-11-21 12:38 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255380
|
9.8 |
CRITICAL
Network
|
cisco
|
mobility_services_engine policy_suite
|
A vulnerability in the Policy Builder interface of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to access the Policy Builder interface. The vulnerability is due to…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2018-0376
|
2024-11-21 12:38 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|