7 matches found
CVE-2017-6644
Cisco Remote Expert Manager Software 11.0.0 is affected by CVE-2017-6644. The vulnerability is an information-disclosure flaw in the web interface that allows an unauthenticated, remote attacker to access sensitive information by sending crafted HTTP requests. The root cause is insufficient prote...
CVE-2017-6641
Cisco Remote Expert Manager Software 11.0.0 contains a denial-of-service vulnerability in the TCP connection handling (TCP Listen) due to lack of rate-limiting. An unauthenticated, remote attacker can flood specific TCP packets (e.g., FIN-set streams) to cause certain listening ports to stop acce...
CVE-2017-6646
CVE-2017-6646 affects Cisco Remote Expert Manager Software web interface (11.0.0). An unauthenticated remote attacker can access sensitive order information by sending crafted HTTP requests because the software does not sufficiently protect sensitive data in HTTP responses. The vulnerability is d...
CVE-2017-6645
CVE-2017-6645 concerns Cisco Remote Expert Manager Software (web interface) 11.0.0. The issue arises from insufficient protection of sensitive data in HTTP responses, enabling an unauthenticated remote attacker to access sensitive information via the web interface. Impact is information disclosur...
CVE-2017-6642
CVE-2017-6642 affects Cisco Remote Expert Manager Software (version 11.0.0) where the web interface may disclose sensitive information. The issue arises because responses to HTTP requests do not adequately protect sensitive data, enabling an unauthenticated, remote attacker to access information ...
CVE-2017-6647
The CVE-2017-6647 issue affects Cisco Remote Expert Manager Software (11.0.0) Web UI. A vulnerability in the web interface allows an unauthenticated, remote attacker to access sensitive Temporary File information due to insufficient protection of data in HTTP responses. An attacker can exploit cr...
CVE-2017-6643
The CVE-2017-6643 issue affects Cisco Remote Expert Manager Software (11.0.0) web interface, where an unauthenticated remote attacker could access sensitive Virtual Directory information due to insufficient protection of data in HTTP responses. Multiple sources (NVD/NVD CVE record, Cisco advisory...