Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-16 | CVE-2019-1846 | Improper Input Validation vulnerability in Cisco IOS XR 5.3.3 A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. | 6.1 |
| 2019-05-16 | CVE-2019-1833 | Protection Mechanism Failure vulnerability in Cisco Firepower Management Center A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol parser of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies. | 5.0 |
| 2019-05-16 | CVE-2019-1832 | Protection Mechanism Failure vulnerability in Cisco Firepower Management Center A vulnerability in the detection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies. | 5.0 |
| 2019-05-16 | CVE-2019-1768 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. | 7.2 |
| 2019-05-16 | CVE-2019-1825 | SQL Injection vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries. | 5.5 |
| 2019-05-16 | CVE-2019-1824 | SQL Injection vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries. | 5.5 |
| 2019-05-16 | CVE-2019-1823 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. | 9.0 |
| 2019-05-16 | CVE-2019-1822 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. | 7.2 |
| 2019-05-16 | CVE-2019-1821 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. | 10.0 |
| 2019-05-16 | CVE-2019-1820 | Path Traversal vulnerability in Cisco Prime Infrastructure A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager software could allow an authenticated, remote attacker to download and view files within the application that should be restricted. | 6.5 |