Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco spark - vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2016-1323
The REST interface in Cisco Spark 2015-06 allows remote authenticated users to obtain sensitive information via a request for an unspecified file, aka Bug ID CSCuv84048.
Cisco Spark 2015-06 Base
5.3
CVSSv3
CVE-2016-1324
The REST interface in Cisco Spark 2015-06 allows remote malicious users to cause a denial of service (resource outage) by accessing an administrative page, aka Bug ID CSCuv84125.
Cisco Spark 2015-06 Base
7.5
CVSSv3
CVE-2016-1322
The REST interface in Cisco Spark 2015-07-04 allows remote malicious users to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584.
Cisco Spark 2015-07-04 Base
4.3
CVSSv3
CVE-2022-34808
Jenkins Cisco Spark Plugin 1.1.1 and previous versions stores bearer tokens unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.
Jenkins Cisco Spark
4.3
CVSSv3
CVE-2023-24451
A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and previous versions allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
Jenkins Cisco Spark
NA
CVE-2015-6303
The Cisco Spark application 2015-07-04 for mobile operating systems does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate, aka Bug IDs CSCut36742 and...
Cisco Spark 2015-07-04 Base
5.4
CVSSv3
CVE-2017-12269
A vulnerability in the web UI of Cisco Spark Messaging Software could allow an authenticated, remote malicious user to perform a stored cross-site scripting (XSS) attack. The vulnerability is due to insufficient input validation by the web UI of the affected software. An attacker...
Cisco Spark -
7.5
CVSSv3
CVE-2017-12310
A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an unauthenticated, remote malicious user to view sensitive information in the unencrypted headers of an HTTP method request. The attacker could use this information to conduct addition...
Cisco Spark Hybrid Calendar Service
4.7
CVSSv3
CVE-2018-0119
A vulnerability in certain authentication controls in the account services of Cisco Spark could allow an authenticated, remote malicious user to interact with and view information on an affected device that would normally be prohibited. The vulnerability is due to the improper di...
Cisco Conference Director 2017-08-30
4.4
CVSSv3
CVE-2017-12306
A vulnerability in the upgrade process of Cisco Spark Board could allow an authenticated, local malicious user to install an unverified upgrade package, aka Signature Verification Bypass. The vulnerability is due to insufficient upgrade package validation. An attacker could explo...
Cisco Conference Director 2017-08-15
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »