Users login

Create an account »

JOIN XATRIX

Users login

Home » CVE vulnerabilities

CVE Vulnerabilities

CVE vulnerabilities is a database of publicly known information security vulnerabilities and exposures.
Page: 123456 out of 2890

CVE-2017-6697 | June 13, 2017
A vulnerability in the web interface of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive system credentials that are stored in an affected system. More Information: CSCvd76339. Known Affected Releases: 2.2(9.76).
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6696 | June 13, 2017
A vulnerability in the file system of Cisco Elastic Services Controllers could allow an authenticated, local attacker to gain access to sensitive user credentials that are stored in an affected system. More Information: CSCvd73677. Known Affected Releases: 2.3(2).
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6695 | June 13, 2017
A vulnerability in the ConfD server in Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive information. More Information: CSCvd29398. Known Affected Releases: 21.0.v0.65839.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6694 | June 13, 2017
A vulnerability in the Virtual Network Function Manager's (VNFM) logging function of Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive data (cleartext credentials) on an affected system. More Information: CSCvd29355. Known Affected Releases: 21.0.v0.65839.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6693 | June 13, 2017
A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local attacker to access information stored in the file system of an affected system, aka Unauthorized Directory Access. More Information: CSCvd76286. Known Affected Releases: 2.2(9.76) 2.3(1).
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6692 | June 13, 2017
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker to log in to the device with the privileges of the root user, aka an Insecure Default Account Information Vulnerability. More Information: CSCvd85710. Known Affected Releases: 21.0.v0.65839.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6691 | June 13, 2017
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive information on an affected system. More Information: CSCvd29403. Known Affected Releases: 2.3(2).
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6690 | June 13, 2017
A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system. More Information: CSCvd73726. Known Affected Releases: 21.0.v0.65839 21.3.M0.67005. Known Fixed Releases: 21.4.A0.67087 21.4.A0.67079 21.4.A0.67013 21.3.M0.67084 21.3.M0.67077 21.3.M0.66994 21.3.J0.66993 21.1.v0.67082 21.1.V0.67083.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6689 | June 13, 2017
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the admin user, aka an Insecure Default Administrator Credentials Vulnerability. More Information: CSCvc76661. Known Affected Releases: 2.2(9.76).
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6688 | June 13, 2017
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux root user, aka an Insecure Default Password Vulnerability. More Information: CSCvc76631. Known Affected Releases: 2.2(9.76).
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6687 | June 13, 2017
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default credentials present on the system, aka an Insecure Default Password Vulnerability. More Information: CSCvc76695. Known Affected Releases: 21.0.0.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6686 | June 13, 2017
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affected device, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76699. Known Affected Releases: 21.0.0.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6685 | June 13, 2017
A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76681. Known Affected Releases: 21.0.0.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6684 | June 13, 2017
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux admin user, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76651. Known Affected Releases: 21.0.0.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6683 | June 13, 2017
A vulnerability in the esc_listener.py script of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to execute arbitrary commands as the tomcat user on an affected system, aka an Authentication Request Processing Arbitrary Command Execution Vulnerability. More Information: CSCvc76642. Known Affected Releases: 2.2(9.76).
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6682 | June 13, 2017
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to run arbitrary commands as the Linux tomcat user on an affected system. More Information: CSCvc76620. Known Affected Releases: 2.2(9.76).
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6681 | June 13, 2017
A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to execute a relative path traversal attack, enabling an attacker to read sensitive files on the system. More Information: CSCvc76662. Known Affected Releases: 21.0.0.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6680 | June 13, 2017
A vulnerability in the AutoVNF logging function of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to create arbitrary directories on the affected system. More Information: CSCvc76652. Known Affected Releases: 21.0.0.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6675 | June 13, 2017
A vulnerability in the web interface of Cisco Industrial Network Director could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against an affected system. More Information: CSCvd25405. Known Affected Releases: 1.1(0.176).
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6674 | June 13, 2017
A vulnerability in the feature-license management functionality of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass URL filters that have been configured for an affected device. More Information: CSCvb16413. Known Affected Releases: 6.0.1 6.1.0 6.2.0 6.2.1. Known Fixed Releases: 6.2.1 6.2.0.1 6.1.0.2.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6673 | June 13, 2017
A vulnerability in Cisco Firepower Management Center could allow an authenticated, remote attacker to obtain user information. An attacker could use this information to perform reconnaissance. More Information: CSCvc10894. Known Affected Releases: 6.1.0.2 6.2.0. Known Fixed Releases: 6.2.0.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6671 | June 13, 2017
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device, as demonstrated by the Attachment Filter. More Information: CSCvd34632. Known Affected Releases: 10.0.1-087 9.7.1-066. Known Fixed Releases: 10.0.2-020 9.8.1-015.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6670 | June 13, 2017
A vulnerability in the web-based GUI of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect issue. More Information: CSCvc54813. Known Affected Releases: 8.1(7)ER1.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6668 | June 13, 2017
Vulnerabilities in the web-based GUI of Cisco Unified Communications Domain Manager (CUCDM) could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries, aka SQL Injection. More Information: CSCvc52784 CSCvc97648. Known Affected Releases: 8.1(7)ER1.
Severity: | Impact score: 0.00 | Exploit score: 0.00

CVE-2017-6667 | June 13, 2017
A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote attacker to execute arbitrary code on the affected device with the privileges of the web server. More Information: CSCvb66730. Known Affected Releases: 2.0.
Severity: | Impact score: 0.00 | Exploit score: 0.00

Page: 123456 out of 2890

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »