4 matches found
CVE-2018-5390
CVE-2018-5390 (SegmentSmack) affects Linux kernels 4.9+ where specially crafted TCP packets can trigger expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue(), potentially exhausting CPU and causing DoS. The Citrix advisory corroborates that TCP reassembly issues can lead to CPU sa...
CVE-2019-16005
CVE-2019-16005 affects Cisco Webex Video Mesh nodes, via the web-based management interface. The flaw is due to improper validation of user-supplied input, exploitable by an authenticated attacker with administrative privileges who sends crafted requests to the application. A successful exploit c...
CVE-2021-40115
CVE-2021-40115 — Cisco Webex Video Mesh XSS : A vulnerability in Cisco Webex Video Mesh arises from insufficient validation of user-supplied input in the web-based management interface, enabling an unauthenticated, remote attacker to lure a user into clicking a crafted link and execute arbitrary ...
CVE-2021-1500
Cisco Webex Video Mesh suffers an input validation flaw in the web-based management interface that improperly validates URL parameters in HTTP requests. An unauthenticated, remote attacker could lure a user to click a crafted link and be redirected to a malicious site, enabling phishing scenarios...