Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-02 | CVE-2019-15259 | Injection vulnerability in Cisco Unified Contact Center Express A vulnerability in Cisco Unified Contact Center Express (UCCX) Software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. | 4.3 |
| 2019-10-02 | CVE-2019-15256 | Resource Exhaustion vulnerability in Cisco products A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 8.6 |
| 2019-10-02 | CVE-2019-12716 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. | 6.1 |
| 2019-10-02 | CVE-2019-12715 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. | 6.1 |
| 2019-10-02 | CVE-2019-12714 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Ic3000 Industrial Compute Gateway Firmware 1.0.1 A vulnerability in the web-based management interface of Cisco IC3000 Industrial Compute Gateway could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 4.0 |
| 2019-10-02 | CVE-2019-12713 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.5 A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. | 6.1 |
| 2019-10-02 | CVE-2019-12712 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.7 A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. | 6.1 |
| 2019-10-02 | CVE-2019-12711 | XXE vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to access sensitive information or cause a denial of service (DoS) condition. | 6.4 |
| 2019-10-02 | CVE-2019-12710 | SQL Injection vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an authenticated, remote attacker to impact the confidentiality of an affected system by executing arbitrary SQL queries. | 4.0 |
| 2019-10-02 | CVE-2019-12707 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based interface of multiple Cisco Unified Communications products could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. | 4.3 |