CVE-2017-12269
- EPSS 0.36%
- Published 05.10.2017 07:29:00
- Last modified 20.04.2025 01:37:25
A vulnerability in the web UI of Cisco Spark Messaging Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack. The vulnerability is due to insufficient input validation by the web UI of the affect...
CVE-2016-1324
- EPSS 0.48%
- Published 12.02.2016 01:59:06
- Last modified 12.04.2025 10:46:40
The REST interface in Cisco Spark 2015-06 allows remote attackers to cause a denial of service (resource outage) by accessing an administrative page, aka Bug ID CSCuv84125.
CVE-2016-1323
- EPSS 0.17%
- Published 12.02.2016 01:59:05
- Last modified 12.04.2025 10:46:40
The REST interface in Cisco Spark 2015-06 allows remote authenticated users to obtain sensitive information via a request for an unspecified file, aka Bug ID CSCuv84048.
CVE-2016-1322
- EPSS 0.38%
- Published 12.02.2016 01:59:04
- Last modified 12.04.2025 10:46:40
The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584.
CVE-2015-6303
- EPSS 0.14%
- Published 24.09.2015 14:59:00
- Last modified 12.04.2025 10:46:40
The Cisco Spark application 2015-07-04 for mobile operating systems does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, ak...