Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-05 | CVE-2019-1981 | Improper Input Validation vulnerability in Cisco products A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. | 5.0 |
| 2019-11-05 | CVE-2019-1980 | Improper Authentication vulnerability in Cisco products A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. | 5.0 |
| 2019-11-05 | CVE-2019-1978 | Improper Input Validation vulnerability in Cisco products A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. | 5.0 |
| 2019-11-05 | CVE-2019-1877 | Improper Authentication vulnerability in Cisco Enterprise Chat and Email 11.6(1)Es9 A vulnerability in the HTTP API of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to download files attached through chat sessions. | 4.3 |
| 2019-11-05 | CVE-2019-1734 | Unspecified vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. | 5.5 |
| 2019-11-05 | CVE-2019-15966 | Improper Input Validation vulnerability in Cisco Telepresence Advanced Media Gateway 1.1 A vulnerability in the web application of Cisco TelePresence Advanced Media Gateway could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 6.8 |
| 2019-10-29 | CVE-2011-2538 | Injection vulnerability in Cisco Telepresence Video Communication Server Cisco Video Communications Server (VCS) before X7.0.3 contains a command injection vulnerability which allows remote, authenticated attackers to execute arbitrary commands. | 9.0 |
| 2019-10-16 | CVE-2019-15962 | Incorrect Default Permissions vulnerability in Cisco Telepresence Collaboration Endpoint A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to write files to the /root directory of an affected device. | 6.6 |
| 2019-10-16 | CVE-2019-15282 | Missing Authentication for Critical Function vulnerability in Cisco Identity Services Engine Software A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker read tcpdump files generated on an affected device. | 5.0 |
| 2019-10-16 | CVE-2019-15281 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Software A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 3.5 |