Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-02 | CVE-2019-12681 | SQL Injection vulnerability in Cisco Firepower Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. | 9.0 |
| 2019-10-02 | CVE-2019-12680 | SQL Injection vulnerability in Cisco Firepower Management Center 6.2.2/6.2.3 Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. | 9.0 |
| 2019-10-02 | CVE-2019-12679 | SQL Injection vulnerability in Cisco Firepower Management Center 6.2.2 Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. | 9.0 |
| 2019-10-02 | CVE-2019-12678 | Integer Underflow (Wrap or Wraparound) vulnerability in Cisco products A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2019-10-02 | CVE-2019-12677 | Improper Handling of Exceptional Conditions vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition that prevents the creation of new SSL/Transport Layer Security (TLS) connections to an affected device. | 6.5 |
| 2019-10-02 | CVE-2019-12676 | Unspecified vulnerability in Cisco Adaptive Security Appliance A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. low complexity cisco | 7.4 |
| 2019-10-02 | CVE-2019-12675 | Improper Encoding or Escaping of Output vulnerability in Cisco products Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. | 7.2 |
| 2019-10-02 | CVE-2019-12674 | Improper Encoding or Escaping of Output vulnerability in Cisco products Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. | 7.2 |
| 2019-10-02 | CVE-2019-12673 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2019-10-02 | CVE-2019-12631 | Cross-site Scripting vulnerability in Cisco Identity Services Engine A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 4.3 |