Filtered by vendor Cisco
Subscribe
Total
6069 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1154 | 1 Cisco | 4 200 Series Smart Switches, 200 Series Smart Switches Software, 300 Series Managed Switches and 1 more | 2013-03-08 | 5.0 MEDIUM | N/A |
| The Cisco Small Business 200 Series Smart Switch 1.2.7.76 and earlier, Small Business 300 Series Managed Switch 1.2.7.76 and earlier, and Small Business 500 Series Stackable Managed Switch 1.2.7.76 and earlier allow remote attackers to cause a denial of service (SSL/TLS layer outage) via malformed (1) SSH or (2) SSL packets, aka Bug ID CSCua30246. | |||||
| CVE-2013-1153 | 1 Cisco | 1 Prime Infrastructure | 2013-03-08 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676. | |||||
| CVE-2013-1141 | 1 Cisco | 2 Wireless Lan Controller, Wireless Lan Controller Software | 2013-03-07 | 6.1 MEDIUM | N/A |
| The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a denial of service (device reload) via crafted mDNS packets, aka Bug ID CSCue04153. | |||||
| CVE-2013-1140 | 1 Cisco | 1 Security Monitoring Analysis And Response System | 2013-03-06 | 4.3 MEDIUM | N/A |
| The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093. | |||||
| CVE-2012-6026 | 1 Cisco | 2 Aironet Access Point, Aironet Access Point Software | 2013-03-05 | 6.1 MEDIUM | N/A |
| The HTTP Profiler on the Cisco Aironet Access Point with software 15.2 and earlier does not properly manage buffers, which allows remote attackers to cause a denial of service (device reload) via crafted HTTP requests, aka Bug ID CSCuc62460. | |||||
| CVE-2013-1133 | 1 Cisco | 1 Unified Communications Manager | 2013-03-04 | 7.8 HIGH | N/A |
| Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 BE3k before 8.6(4) BE3k, and 9.x before 9.0(1) allows remote attackers to cause a denial of service (CPU consumption and GUI and voice outages) via malformed packets to unused UDP ports, aka Bug ID CSCtx43337. | |||||
| CVE-2012-5445 | 1 Cisco | 3 Skinny Client Control Protocol Software, Unified Ip Phone, Unified Ip Phone 7906g | 2013-03-04 | 6.8 MEDIUM | N/A |
| The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 series devices (aka TNP phones) with software before 9.3.1-ES10 does not properly validate unspecified system calls, which allows attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a crafted binary. | |||||
| CVE-2013-1124 | 2 Apple, Cisco | 2 Mac Os X, Network Admission Control | 2013-03-01 | 5.8 MEDIUM | N/A |
| The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309. | |||||
| CVE-2013-1134 | 1 Cisco | 1 Unified Communications Manager | 2013-02-28 | 7.1 HIGH | N/A |
| The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920. | |||||
| CVE-2013-1137 | 1 Cisco | 1 Unified Presence Server | 2013-02-28 | 7.8 HIGH | N/A |
| Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930. | |||||
| CVE-2013-1122 | 1 Cisco | 2 Nexus 7000, Nx-os | 2013-02-27 | 5.0 MEDIUM | N/A |
| Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtualization (OTV) configuration is used, allows remote attackers to cause a denial of service (M1-Series module reload) via crafted packets, aka Bug ID CSCud15673. | |||||
| CVE-2013-1139 | 1 Cisco | 1 Cloud Portal | 2013-02-27 | 4.0 MEDIUM | N/A |
| The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCud81134. | |||||
| CVE-2012-5417 | 1 Cisco | 1 Prime Data Center Network Manager | 2013-02-26 | 10.0 HIGH | N/A |
| Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation (RMI) services, aka Bug ID CSCtz44924. | |||||
| CVE-2013-1125 | 1 Cisco | 10 Application Networking Manager, Context Directory Agent, Identity Services Engine Software and 7 more | 2013-02-20 | 6.8 MEDIUM | N/A |
| The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46058, CSCue46013, CSCue46031, CSCue46035, and CSCue46042. | |||||
| CVE-2013-1129 | 1 Cisco | 1 Unity Connection | 2013-02-20 | 5.0 MEDIUM | N/A |
| Memory leak in Cisco Unity Connection 9.x allows remote attackers to cause a denial of service (memory consumption and process crash) by sending many TCP requests, aka Bug ID CSCud59736. | |||||
| CVE-2013-1128 | 1 Cisco | 1 Unified Meetingplace | 2013-02-18 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the server in Cisco Unified MeetingPlace before 7.1(2.2000) allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCuc64903. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2013-1111 | 1 Cisco | 2 Ata 187 Analog Telephone Adaptor, Ata 187 Analog Telephone Adaptor Firmware | 2013-02-14 | 9.0 HIGH | N/A |
| The Cisco ATA 187 Analog Telephone Adaptor with firmware 9.2.1.0 and 9.2.3.1 before ES build 4 does not properly implement access control, which allows remote attackers to execute operating-system commands via vectors involving a session on TCP port 7870, aka Bug ID CSCtz67038. | |||||
| CVE-2013-1100 | 1 Cisco | 85 Catalyst 2820, Catalyst 2900, Catalyst 2900 Vlan and 82 more | 2013-02-14 | 5.4 MEDIUM | N/A |
| The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port (1) 80 or (2) 443, aka Bug ID CSCuc53853. | |||||
| CVE-2013-1114 | 1 Cisco | 1 Unity Express Software | 2013-02-14 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unity Express before 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud87527. | |||||
| CVE-2013-1131 | 1 Cisco | 1 Small Business Wireless Access Ppoints | 2013-02-14 | 6.4 MEDIUM | N/A |
| Cisco Small Business Wireless Access Points WAP200, WAP2000, WAP200E, and WET200 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SSID that is not properly handled during a site survey, aka Bug IDs CSCua86182, CSCua91196, CSCud36155, and CSCua86190. | |||||