Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-26 | CVE-2019-16005 | Improper Input Validation vulnerability in Cisco Collaboration Meeting Rooms and Webex Video Mesh A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an authenticated, remote attacker to execute arbitrary commands on the affected system. | 9.0 |
| 2020-01-26 | CVE-2019-16003 | Missing Authentication for Critical Function vulnerability in Cisco UCS Director A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to download system log files from an affected device. | 5.0 |
| 2020-01-26 | CVE-2019-15989 | Improper Check for Unusual or Exceptional Conditions vulnerability in Cisco IOS XR A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 5.0 |
| 2020-01-26 | CVE-2019-15278 | Cross-site Scripting vulnerability in Cisco Finesse and Unified Contact Center Express A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device. | 4.3 |
| 2020-01-26 | CVE-2019-15255 | Missing Authorization vulnerability in Cisco Identity Services Engine 2.2/2.2(0.470) A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access sensitive information related to the device. | 4.0 |
| 2020-01-26 | CVE-2019-12629 | Injection vulnerability in Cisco Sd-Wan Firmware A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. | 9.0 |
| 2020-01-26 | CVE-2019-12619 | SQL Injection vulnerability in Cisco Sd-Wan Firmware A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. | 4.0 |
| 2020-01-16 | CVE-2010-3048 | NULL Pointer Dereference vulnerability in Cisco Unified Personal Communicator 7.0(1.13056) Cisco Unified Personal Communicator 7.0 (1.13056) does not free allocated memory for received data and does not perform validation if memory allocation is successful, causing a remote denial of service condition. | 5.0 |
| 2020-01-15 | CVE-2019-15961 | Resource Exhaustion vulnerability in multiple products A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 6.5 |
| 2020-01-15 | CVE-2012-1326 | Improper Input Validation vulnerability in Cisco Ironport web Security Appliance 7.5 Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks | 5.8 |