Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-06 | CVE-2019-1911 | Containment Errors (Container Errors) vulnerability in Cisco Hosted Collaboration Solution A vulnerability in the CLI of Cisco Unified Communications Domain Manager (Cisco Unified CDM) Software could allow an authenticated, local attacker to escape the restricted shell. | 7.8 |
| 2019-07-06 | CVE-2019-1909 | Improper Input Validation vulnerability in Cisco IOS XR A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. | 5.9 |
| 2019-07-06 | CVE-2019-1894 | Improper Input Validation vulnerability in Cisco Enterprise NFV Infrastructure Software 3.9.1 A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker with administrator privileges to overwrite or read arbitrary files on the underlying operating system (OS) of an affected device. | 7.2 |
| 2019-07-06 | CVE-2019-1893 | OS Command Injection vulnerability in Cisco Enterprise NFV Infrastructure Software 3.9.1 A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device as root. | 7.8 |
| 2019-07-06 | CVE-2019-1892 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device. | 7.5 |
| 2019-07-06 | CVE-2019-1891 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2019-07-06 | CVE-2019-1887 | Out-of-bounds Write vulnerability in Cisco Unified Communications Manager A vulnerability in the Session Initiation Protocol (SIP) protocol implementation of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2019-07-04 | CVE-2019-1890 | Unspecified vulnerability in Cisco Application Policy Infrastructure Controller 7.3(0)Zn(0.113) A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. low complexity cisco | 6.5 |
| 2019-07-04 | CVE-2019-1889 | Improper Input Validation vulnerability in Cisco Application Policy Infrastructure Controller 4.1(1J) A vulnerability in the REST API for software device management in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an authenticated, remote attacker to escalate privileges to root on an affected device. | 7.2 |
| 2019-07-04 | CVE-2019-1886 | Improper Certificate Validation vulnerability in Cisco Asyncos and web Security Appliance A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 8.6 |