Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-21 | CVE-2019-1974 | Improper Authentication vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass user authentication and gain access as an administrative user. | 10.0 |
| 2019-08-21 | CVE-2019-1948 | Improper Certificate Validation vulnerability in Cisco Webex Meetings 11.3/39.5 A vulnerability in Cisco Webex Meetings Mobile (iOS) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data by using an invalid Secure Sockets Layer (SSL) certificate. | 4.3 |
| 2019-08-21 | CVE-2019-1938 | Improper Authentication vulnerability in Cisco UCS Director and UCS Director Express FOR BIG Data A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. | 10.0 |
| 2019-08-21 | CVE-2019-1937 | Improper Authentication vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to acquire a valid session token with administrator privileges, bypassing user authentication. | 9.8 |
| 2019-08-21 | CVE-2019-1936 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root user. | 7.2 |
| 2019-08-21 | CVE-2019-1935 | Use of Hard-coded Credentials vulnerability in Cisco products A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which has default user credentials. | 10.0 |
| 2019-08-21 | CVE-2019-1908 | Unspecified vulnerability in Cisco products A vulnerability in the Intelligent Platform Management Interface (IPMI) implementation of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to view sensitive system information. | 5.0 |
| 2019-08-21 | CVE-2019-1907 | Unspecified vulnerability in Cisco products A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to set sensitive configuration values and gain elevated privileges. | 6.5 |
| 2019-08-21 | CVE-2019-1900 | NULL Pointer Dereference vulnerability in Cisco products A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to cause the web server process to crash, causing a denial of service (DoS) condition on an affected system. | 7.8 |
| 2019-08-21 | CVE-2019-1896 | OS Command Injection vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands and obtain root privileges. | 9.0 |