CVSS: 7.9EPSS: 0%CPEs: 38EXPL: 0CVE-2016-2243 – HP Security Bulletin HPSBHF03439 1
https://notcve.org/view.php?id=CVE-2016-2243
04 Mar 2016 — Sure Start on HP Commercial PCs 2015 allows local users to cause a denial of service (BIOS recovery failure) by leveraging administrative access. Sure Start en HP Commercial PCs 2015 permite a usuarios locales causar una denegación de servicio (fallo de recuperación de la BIOS) aprovechándose del acceso administrativo. HP has identified a potential security vulnerability with the Sure Start implementation on certain 2015 commercial platforms. This vulnerability could be exploited locally by administrator or... • http://www.securitytracker.com/id/1035193 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2015-6260
https://notcve.org/view.php?id=CVE-2015-6260
03 Mar 2016 — Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote attackers to cause a denial of service (SNMP application restart) via a crafted packet, aka Bug ID CSCut84645. Cisco NX-OS 7.1(1)N1(1) en dispositivos Nexus 5500, 5600 y 6000 no valida correctamente PDUs en paquetes SNMP, lo que permite a atancantes remotos causar una denegación de servicio (reinicio de aplicación SNMP) a través de un paquetes manipulado, también conocido como B... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-n5ksnmp • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 12%CPEs: 65EXPL: 0CVE-2015-0718
https://notcve.org/view.php?id=CVE-2015-0718
03 Mar 2016 — Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579. Cisco NX-OS 4.0 hasta la versión 6.1 en dispositivos Nexus 1000V 3000, 4000, 5000, 6000 y 7000 y plataformas Unified Computing System (UCS) permite a atancantes remotos causar una denegación de servicio (recarga... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-netstack • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 3%CPEs: 14EXPL: 0CVE-2016-1329
https://notcve.org/view.php?id=CVE-2016-1329
03 Mar 2016 — Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800. Cisco NX-OS 6.0(2)U6(1) hasta la versión 6.0(2)U6(5) en dispositivos Nexus 3000 y 6.0(2)A6(1) hasta la versión 6.0(2)A6(5) y 6.0(2)A7(1) en dispositivos Nexus 3500 tiene credenciales embebidas, lo que permite a atacantes remotos ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-n3k • CWE-287: Improper Authentication •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1317
https://notcve.org/view.php?id=CVE-2016-1317
09 Feb 2016 — Cisco Unified Communications Manager 11.5(0.98000.480) allows remote authenticated users to obtain sensitive database table-name and entity-name information via a direct request to an unspecified URL, aka Bug ID CSCuy11098. Cisco Unified Communications Manager 11.5(0.98000.480) permite a usuarios remotos autenticados obtener información sensible de la base de datos table-name y entity-name a través de una petición directa a una URL no especificada, también conocido como Bug ID CSCuy11098. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-201600208-ucm • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1319
https://notcve.org/view.php?id=CVE-2016-1319
09 Feb 2016 — Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958. Cisco Unified Communications Manager (también conocido como CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-ucm • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6398
https://notcve.org/view.php?id=CVE-2015-6398
07 Feb 2016 — Cisco Nexus 9000 Application Centric Infrastructure (ACI) Mode switches with software before 11.0(1c) allow remote attackers to cause a denial of service (device reload) via an IPv4 ICMP packet with the IP Record Route option, aka Bug ID CSCuq57512. Switches Cisco Nexus 9000 Application Centric Infrastructure (ACI) Mode con software anterior a 11.0(1c) permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de un paquete IPv4 ICMP con la opción IP Record Route, tamb... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-n9knci • CWE-399: Resource Management Errors •
CVSS: 9.0EPSS: 0%CPEs: 25EXPL: 0CVE-2016-1302
https://notcve.org/view.php?id=CVE-2016-1302
07 Feb 2016 — Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998. Dispositivos Cisco Application Policy Infrastructure Controller (APIC) con software anterior a 1.0(3h) y 1.1 en versiones anteriores a 1.1(1j) y switches Nexus 9000 ACI Mode con software... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1307
https://notcve.org/view.php?id=CVE-2016-1307
07 Feb 2016 — The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which makes it easier for remote attackers to obtain access via an XMPP session, aka Bug ID CSCuw79085. El servidor Openfire en Cisco Finesse Desktop 10.5(1) y 11.0(1) y Unified Contact Center Express 10.6(1) tiene una cuenta embebida, lo que hace más fácil para atacantes remotos obtener acceso a través de una sesión XMPP, también conocido como Bug ID CSCuw79085. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-fducce • CWE-255: Credentials Management Errors CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5988
https://notcve.org/view.php?id=CVE-2015-5988
31 Dec 2015 — The web management interface on Belkin F9K1102 2 devices with firmware 2.10.17 has a blank password, which allows remote attackers to obtain administrative privileges by leveraging a LAN session. La interfaz de gestión web en dispositivos Belkin F9K1102 2 con firmware 2.10.17 tiene una contraseña en blanco, lo que permite a atacantes remotos obtener privilegios administrativos aprovechando una sesión LAN. • https://www.kb.cert.org/vuls/id/201168 • CWE-255: Credentials Management Errors •