Vulnerabilities > Cisco > Network Level Service > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-16 | CVE-2019-1825 | SQL Injection vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries. | 8.1 |
| 2019-05-16 | CVE-2019-1823 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. | 7.2 |
| 2018-10-05 | CVE-2018-0446 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Network Level Service 1.5(0.128) A vulnerability in the web-based management interface of Cisco Industrial Network Director could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |