Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-28 | CVE-2019-1963 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. | 6.5 |
| 2019-08-28 | CVE-2019-1962 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. | 7.5 |
| 2019-08-28 | CVE-2019-12643 | Improper Authentication vulnerability in Cisco IOS XE 15.5(3)S3.16/16.6.5 A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on the managed Cisco IOS XE device. | 10.0 |
| 2019-08-21 | CVE-2019-1984 | Improper Input Validation vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure Sofware A vulnerability in Cisco Enterprise Network Functions Virtualization Infrastructure Software (NFVIS) could allow an authenticated, remote attacker with administrator privileges to overwrite files on the underlying operating system (OS) of an affected device. | 6.5 |
| 2019-08-21 | CVE-2019-1974 | Improper Authentication vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass user authentication and gain access as an administrative user. | 9.8 |
| 2019-08-21 | CVE-2019-1948 | Improper Certificate Validation vulnerability in Cisco Webex Meetings 11.3/39.5 A vulnerability in Cisco Webex Meetings Mobile (iOS) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data by using an invalid Secure Sockets Layer (SSL) certificate. | 5.9 |
| 2019-08-21 | CVE-2019-1938 | Improper Authentication vulnerability in Cisco UCS Director and UCS Director Express for BIG Data A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. | 9.8 |
| 2019-08-21 | CVE-2019-1937 | Improper Authentication vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to acquire a valid session token with administrator privileges, bypassing user authentication. | 9.8 |
| 2019-08-21 | CVE-2019-1936 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root user. | 7.2 |
| 2019-08-21 | CVE-2019-1935 | Use of Hard-coded Credentials vulnerability in Cisco products A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which has default user credentials. | 9.8 |