Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-25 | CVE-2019-12665 | Unspecified vulnerability in Cisco IOS 15.6(2)T/Fd1.5.0 A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. network cisco | 5.8 |
| 2019-09-25 | CVE-2019-12664 | Improper Authentication vulnerability in Cisco IOS XE 16.6.4 A vulnerability in the Dialer interface feature for ISDN connections in Cisco IOS XE Software for Cisco 4000 Series Integrated Services Routers (ISRs) could allow an unauthenticated, adjacent attacker to pass IPv4 traffic through an ISDN channel prior to successful PPP authentication. | 7.5 |
| 2019-09-25 | CVE-2019-12663 | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1/16.6.4 A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. | 7.8 |
| 2019-09-25 | CVE-2019-12662 | Improper Verification of Cryptographic Signature vulnerability in Cisco products A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. | 7.2 |
| 2019-09-25 | CVE-2019-12661 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in a Virtualization Manager (VMAN) related CLI command of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. | 7.2 |
| 2019-09-25 | CVE-2019-12660 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device. | 4.9 |
| 2019-09-25 | CVE-2019-12659 | Improper Input Validation vulnerability in Cisco IOS XE 16.10.1 A vulnerability in the HTTP server code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the HTTP server to crash. | 5.0 |
| 2019-09-25 | CVE-2019-12658 | Resource Exhaustion vulnerability in Cisco IOS XE 16.6.1/16.8.1 A vulnerability in the filesystem resource management code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to exhaust filesystem resources on an affected device and cause a denial of service (DoS) condition. | 7.8 |
| 2019-09-25 | CVE-2019-12657 | Improper Input Validation vulnerability in Cisco IOS XE 16.3.6 A vulnerability in Unified Threat Defense (UTD) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.8 |
| 2019-09-25 | CVE-2019-12656 | Improper Input Validation vulnerability in Cisco products A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests, resulting in a denial of service (DoS) condition. | 5.0 |