The VPN downloader in the download_install component in Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495 on Linux accepts arbitrary X.509 server certificates without user interaction, which allows remote attackers to obtain sensitive information via vectors involving an invalid certificate, aka Bug ID CSCua11967.
Max CVSS
5.0
EPSS Score
0.21%
Published
2012-09-16
Updated
2017-08-29
Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 allows remote authenticated users to cause a denial of service (memory consumption and blank response page) by using the clientless WebVPN feature, aka Bug ID CSCth34278.
Max CVSS
4.0
EPSS Score
0.09%
Published
2012-08-06
Updated
2023-08-15
Cisco IOS 15.1 and 15.2, when the Multicast Music-on-Hold (MMoH) feature of Cisco Unified Communications Manager (CUCM) is enabled, allows remote attackers to obtain sensitive crosstalk information by listening during a PSTN call, aka Bug ID CSCtx77750.
Max CVSS
4.3
EPSS Score
0.17%
Published
2012-08-06
Updated
2012-08-07
Cisco Wide Area Application Services (WAAS) appliances with software 4.4, 5.0, and 5.1 include a one-way hash of a password within output text, which might allow remote attackers to obtain sensitive information via a brute-force attack on the hash string, aka Bug ID CSCty17279.
Max CVSS
5.0
EPSS Score
0.16%
Published
2012-08-06
Updated
2012-08-07
The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces different responses for directory queries depending on whether the directory exists, which allows remote attackers to enumerate directory names via a series of queries, aka Bug ID CSCtt94070.
Max CVSS
5.0
EPSS Score
0.27%
Published
2012-05-03
Updated
2012-05-30
The TAC Case Attachment tool in Cisco Wireless Control System (WCS) 7.0 allows remote authenticated users to read arbitrary files under webnms/Temp/ via unspecified vectors, aka Bug ID CSCtq86807.
Max CVSS
4.0
EPSS Score
0.12%
Published
2012-05-02
Updated
2012-08-19
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 process IKE requests despite a vpnclient mode configuration, which allows remote attackers to obtain potentially sensitive information by reading IKE responder traffic, aka Bug ID CSCtt07749.
Max CVSS
4.3
EPSS Score
0.27%
Published
2012-05-02
Updated
2023-08-15
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!