» 2016 » 8월

CVE-2016-6364

Posted on 2016년 8월 23일2016년 8월 23일 by admin

CVE-2016-6364

The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified API calls, aka Bug ID CSCux67855.

Source: CVE-2016-6364

CVE-2016-6355

Posted on 2016년 8월 23일2016년 8월 23일 by admin

CVE-2016-6355

Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5.2.5, and 5.3.x through 5.3.2 on ASR 9001 devices allows remote attackers to cause a denial of service (control-plane protocol outage) via crafted fragmented packets, aka Bug ID CSCux26791.

Source: CVE-2016-6355

CVE-2016-1484 (webex_meetings_server)

Posted on 2016년 8월 23일2016년 8월 24일 by admin

CVE-2016-1484 (webex_meetings_server)

Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724.

Source: CVE-2016-1484 (webex_meetings_server)

CVE-2016-1484

Posted on 2016년 8월 23일2016년 8월 23일 by admin

CVE-2016-1484

Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724.

Source: CVE-2016-1484

CVE-2016-1477 (connected_streaming_analytics)

Posted on 2016년 8월 23일2016년 8월 24일 by admin

CVE-2016-1477 (connected_streaming_analytics)

Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891.

Source: CVE-2016-1477 (connected_streaming_analytics)

CVE-2016-1477

Posted on 2016년 8월 23일2016년 8월 23일 by admin

CVE-2016-1477

Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891.

Source: CVE-2016-1477

CVE-2016-6363 (aironet_access_point_software)

Posted on 2016년 8월 22일2016년 8월 23일 by admin

CVE-2016-6363 (aironet_access_point_software)

The rate-limit feature in the 802.11 protocol implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via crafted 802.11 frames, aka Bug ID CSCva06192.

Source: CVE-2016-6363 (aironet_access_point_software)

CVE-2016-6362 (aironet_access_point_software)

Posted on 2016년 8월 22일2016년 8월 23일 by admin

CVE-2016-6362 (aironet_access_point_software)

Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725.

Source: CVE-2016-6362 (aironet_access_point_software)

CVE-2016-6361 (aironet_access_point_software)

Posted on 2016년 8월 22일2016년 8월 23일 by admin

CVE-2016-6361 (aironet_access_point_software)

The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288.

Source: CVE-2016-6361 (aironet_access_point_software)

CVE-2016-6359 (transport_gateway_installation_software)

Posted on 2016년 8월 22일2016년 8월 23일 by admin

CVE-2016-6359 (transport_gateway_installation_software)

Cross-site scripting (XSS) vulnerability in Cisco Transport Gateway Installation Software 4.1(4.0) on Smart Call Home Transport Gateway devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug IDs CSCva40650 and CSCva40817.

Source: CVE-2016-6359 (transport_gateway_installation_software)