|
253241
|
8.1 |
HIGH
Network
|
cisco
|
webex_meetings_server
|
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access the remote support account even after it has been disabled via the web application. The vulnerab…
|
CWE-863
Incorrect Authorization
|
CVE-2018-0110
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253242
|
2.7 |
LOW
Network
|
cisco
|
webex_meetings_server
|
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to obtain inf…
|
CWE-200
Information Exposure
|
CVE-2018-0109
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253243
|
5.3 |
MEDIUM
Network
|
cisco
|
webex_meetings_server
|
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity (XXE) injection. An attacker could expl…
|
CWE-611
XXE
|
CVE-2018-0108
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253244
|
7.4 |
HIGH
Adjacent
|
cisco
|
nx-os
|
A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. T…
|
CWE-415
Double Free
|
CVE-2018-0102
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253245
|
4.4 |
MEDIUM
Local
|
cisco
|
anyconnect_secure_mobility_client
|
A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow an unauthenticated, local attacker to have read and write access to information stored in the affected…
|
CWE-611
XXE
|
CVE-2018-0100
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253246
|
8.8 |
HIGH
Network
|
cisco
|
d9800_firmware
|
A vulnerability in the web management GUI of the Cisco D9800 Network Transport Receiver could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due t…
|
CWE-78
OS Command
|
CVE-2018-0099
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253247
|
6.1 |
MEDIUM
Network
|
cisco
|
wap361_firmware
wap150_firmware
|
A vulnerability in the web-based management interface of Cisco WAP150 Wireless-AC/N Dual Radio Access Point with Power over Ethernet (PoE) and WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point …
|
CWE-79
Cross-site Scripting
|
CVE-2018-0098
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253248
|
6.1 |
MEDIUM
Network
|
cisco
|
prime_infrastructure
|
A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect. The vulnerability …
|
CWE-601
Open Redirect
|
CVE-2018-0097
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253249
|
5.9 |
MEDIUM
Network
|
cisco
|
prime_infrastructure
|
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one virtua…
|
CWE-863
Incorrect Authorization
|
CVE-2018-0096
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253250
|
7.8 |
HIGH
Local
|
cisco
|
asyncos
|
A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA) could allow an authenticated, local attacker to es…
|
NVD-CWE-noinfo
|
CVE-2018-0095
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
