Filtered by vendor Cisco
Subscribe
Total
6186 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-0667 | 1 Cisco | 1 Secure Access Control System | 2024-11-21 | 6.3 MEDIUM | N/A |
| The RMI interface in Cisco Secure Access Control System (ACS) does not properly enforce authorization requirements, which allows remote authenticated users to read arbitrary files via a request to this interface, aka Bug ID CSCud75169. | |||||
| CVE-2014-0666 | 1 Cisco | 1 Jabber | 2024-11-21 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently execute arbitrary code, via modified packets, aka Bug ID CSCug48056. | |||||
| CVE-2014-0665 | 1 Cisco | 1 Identity Services Engine Software | 2024-11-21 | 4.0 MEDIUM | N/A |
| The RBAC implementation in Cisco Identity Services Engine (ISE) Software does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the user database, aka Bug ID CSCul83904. | |||||
| CVE-2014-0664 | 1 Cisco | 1 Unity Connection | 2024-11-21 | 6.8 MEDIUM | N/A |
| The server in Cisco Unity Connection allows remote authenticated users to cause a denial of service (CPU consumption) via unspecified IMAP commands, aka Bug ID CSCul49976. | |||||
| CVE-2014-0663 | 1 Cisco | 1 Secure Access Control System | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web framework in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum03625. | |||||
| CVE-2014-0662 | 1 Cisco | 2 Telepresence Video Communication Server Software, Telepresence Video Communication Servers Software | 2024-11-21 | 7.1 HIGH | N/A |
| The SIP module in Cisco TelePresence Video Communication Server (VCS) before 8.1 allows remote attackers to cause a denial of service (process failure) via a crafted SDP message, aka Bug ID CSCue97632. | |||||
| CVE-2014-0661 | 1 Cisco | 14 Telepresence System 1000, Telepresence System 1100, Telepresence System 1300-65 and 11 more | 2024-11-21 | 8.3 HIGH | N/A |
| The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796. | |||||
| CVE-2014-0660 | 1 Cisco | 1 Telepresence Isdn Gateway Software | 2024-11-21 | 7.1 HIGH | N/A |
| Cisco TelePresence ISDN Gateway with software before 2.2(1.92) allows remote attackers to cause a denial of service (D-channel call outage) via a crafted Q.931 STATUS message, aka Bug ID CSCui50360. | |||||
| CVE-2014-0659 | 1 Cisco | 6 Rvs4000, Rvs4000 Firmware, Wap4410n and 3 more | 2024-11-21 | 10.0 HIGH | N/A |
| The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685. | |||||
| CVE-2014-0658 | 1 Cisco | 3 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9900 Series Firmware | 2024-11-21 | 5.4 MEDIUM | N/A |
| Cisco 9900 Unified IP phones allow remote attackers to cause a denial of service (unregistration) via a crafted SIP header, aka Bug ID CSCul24898. | |||||
| CVE-2014-0657 | 1 Cisco | 1 Unified Communications Manager | 2024-11-21 | 4.0 MEDIUM | N/A |
| The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540. | |||||
| CVE-2014-0656 | 1 Cisco | 1 Context Directory Agent | 2024-11-21 | 4.0 MEDIUM | N/A |
| Cisco Context Directory Agent (CDA) allows remote authenticated users to trigger the omission of certain user-interface data via crafted field values, aka Bug ID CSCuj45353. | |||||
| CVE-2014-0655 | 1 Cisco | 1 Adaptive Security Appliance | 2024-11-21 | 4.3 MEDIUM | N/A |
| The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to change the user-cache contents via a replay attack involving crafted RADIUS Change of Authorization (CoA) messages, aka Bug ID CSCuj45332. | |||||
| CVE-2014-0654 | 1 Cisco | 1 Context Directory Agent | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cisco Context Directory Agent (CDA) allows remote attackers to modify the cache via a replay attack involving crafted RADIUS accounting messages, aka Bug ID CSCuj45383. | |||||
| CVE-2014-0653 | 1 Cisco | 1 Adaptive Security Appliance | 2024-11-21 | 4.3 MEDIUM | N/A |
| The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340. | |||||
| CVE-2014-0652 | 1 Cisco | 1 Context Directory Agent | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Mappings page in Cisco Context Directory Agent (CDA) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuj45358. | |||||
| CVE-2014-0651 | 1 Cisco | 1 Context Directory Agent | 2024-11-21 | 4.9 MEDIUM | N/A |
| The administrative interface in Cisco Context Directory Agent (CDA) does not properly enforce authorization requirements, which allows remote authenticated users to obtain administrative access by hijacking a session, aka Bug ID CSCuj45347. | |||||
| CVE-2014-0650 | 1 Cisco | 1 Secure Access Control System | 2024-11-21 | 10.0 HIGH | N/A |
| The web interface in Cisco Secure Access Control System (ACS) 5.x before 5.4 Patch 3 allows remote attackers to execute arbitrary operating-system commands via a request to this interface, aka Bug ID CSCue65962. | |||||
| CVE-2014-0649 | 1 Cisco | 1 Secure Access Control System | 2024-11-21 | 9.0 HIGH | N/A |
| The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180. | |||||
| CVE-2014-0648 | 1 Cisco | 1 Secure Access Control System | 2024-11-21 | 10.0 HIGH | N/A |
| The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187. | |||||