Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-18 | CVE-2019-1826 | Improper Input Validation vulnerability in Cisco Aironet Access Point Firmware 8.5(131.3) A vulnerability in the quality of service (QoS) feature of Cisco Aironet Series Access Points (APs) could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 5.5 |
| 2019-04-18 | CVE-2019-1805 | Improper Access Control vulnerability in Cisco Wireless LAN Controller Software 8.3(141.0) A vulnerability in certain access control mechanisms for the Secure Shell (SSH) server implementation for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affected device. | 3.3 |
| 2019-04-18 | CVE-2019-1802 | Cross-site Scripting vulnerability in Cisco Firepower Management Center 6.2.3/6.3.0/6.4.0 A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 4.8 |
| 2019-04-18 | CVE-2019-1800 | Improper Input Validation vulnerability in Cisco products A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.1 |
| 2019-04-18 | CVE-2019-1799 | Improper Input Validation vulnerability in Cisco products A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.1 |
| 2019-04-18 | CVE-2019-1797 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on the device with the privileges of the user, including modifying the device configuration. | 6.8 |
| 2019-04-18 | CVE-2019-1796 | Improper Input Validation vulnerability in Cisco products A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.1 |
| 2019-04-18 | CVE-2019-1794 | Uncontrolled Search Path Element vulnerability in Cisco Meeting Server 2.2 A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. | 5.1 |
| 2019-04-18 | CVE-2019-1792 | Cross-site Scripting vulnerability in Cisco Umbrella A vulnerability in the URL block page of Cisco Umbrella could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user in a network protected by Umbrella. | 6.1 |
| 2019-04-18 | CVE-2019-1777 | Cross-site Scripting vulnerability in Cisco Registered Envelope Service 5.3.4027 A vulnerability in the web-based interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against another user of the service. | 5.4 |