Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-26 | CVE-2019-15995 | SQL Injection vulnerability in Cisco DNA Spaces: Connector A vulnerability in the web UI of Cisco DNA Spaces: Connector could allow an authenticated, remote attacker to execute arbitrary SQL queries. | 5.5 |
| 2019-11-26 | CVE-2019-15994 | Cross-site Scripting vulnerability in Cisco Stealthwatch Enterprise 6.10.2 A vulnerability in the web-based management interface of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 4.3 |
| 2019-11-26 | CVE-2019-15990 | Unspecified vulnerability in Cisco products A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an unauthenticated, remote attacker to view information displayed in the web-based management interface. | 5.0 |
| 2019-11-26 | CVE-2019-15988 | Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. | 5.0 |
| 2019-11-26 | CVE-2019-15987 | Improper Authentication vulnerability in Cisco products A vulnerability in web interface of the Cisco Webex Event Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to guess account usernames. | 5.0 |
| 2019-11-26 | CVE-2019-15986 | Improper Input Validation vulnerability in Cisco Unity Express 9.0.6 A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |
| 2019-11-26 | CVE-2019-15972 | SQL Injection vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 6.5 |
| 2019-11-26 | CVE-2019-15971 | Insufficient Verification of Data Authenticity vulnerability in Cisco Email Security Appliance Firmware A vulnerability in the MP3 detection engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. | 4.3 |
| 2019-11-26 | CVE-2019-15968 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager (Unified CDM) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 3.5 |
| 2019-11-26 | CVE-2019-15973 | Cross-site Scripting vulnerability in Cisco Industrial Network Director and Network Level Service A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected application. | 4.3 |