Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-17 | CVE-2019-1942 | SQL Injection vulnerability in Cisco Identity Services Engine A vulnerability in the sponsor portal web interface for Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. | 4.0 |
| 2019-07-17 | CVE-2019-1941 | Cross-site Scripting vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2019-07-17 | CVE-2019-1940 | Improper Certificate Validation vulnerability in Cisco Industrial Network Director A vulnerability in the Web Services Management Agent (WSMA) feature of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate. | 4.3 |
| 2019-07-17 | CVE-2019-1923 | Improper Input Validation vulnerability in Cisco products A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. | 4.6 |
| 2019-07-17 | CVE-2019-1920 | Unspecified vulnerability in Cisco products A vulnerability in the 802.11r Fast Transition (FT) implementation for Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected interface. low complexity cisco | 6.1 |
| 2019-07-17 | CVE-2019-1919 | Use of Hard-coded Credentials vulnerability in Cisco Findit Network Manager and Findit Network Probe A vulnerability in the Cisco FindIT Network Management Software virtual machine (VM) images could allow an unauthenticated, local attacker who has access to the VM console to log in to the device with a static account that has root privileges. | 7.2 |
| 2019-07-17 | CVE-2019-1917 | Improper Authentication vulnerability in Cisco Vision Dynamic Signage Director A vulnerability in the REST API interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected system. | 10.0 |
| 2019-07-10 | CVE-2019-1873 | Improper Input Validation vulnerability in Cisco products A vulnerability in the cryptographic driver for Cisco Adaptive Security Appliance Software (ASA) and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reboot unexpectedly. | 7.8 |
| 2019-07-06 | CVE-2019-1933 | Improper Input Validation vulnerability in Cisco Email Security Appliance 11.1.2023 A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. | 4.3 |
| 2019-07-06 | CVE-2019-1932 | Insufficient Verification of Data Authenticity vulnerability in Cisco Advanced Malware Protection FOR Endpoints 6.2(3) A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow an authenticated, local attacker with administrator privileges to execute arbitrary code. | 7.2 |