Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-03 | CVE-2019-1635 | Improper Handling of Exceptional Conditions vulnerability in Cisco products A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. | 7.5 |
| 2019-05-03 | CVE-2019-1592 | Improper Input Validation vulnerability in Cisco Nx-Os 14.1(0.90) A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. | 7.8 |
| 2019-05-03 | CVE-2019-1590 | Improper Certificate Validation vulnerability in Cisco Nx-Os 14.1(0.90)/8.3(0)Sk(0.39) A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device. | 8.1 |
| 2019-05-03 | CVE-2019-1589 | Missing Encryption of Sensitive Data vulnerability in Cisco Nx-Os 8.3(0)Sk(0.39) A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. | 4.6 |
| 2019-05-03 | CVE-2019-1587 | Improper Input Validation vulnerability in Cisco Nx-Os 8.3(0)Sk(0.39) A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. | 4.3 |
| 2019-05-03 | CVE-2019-1586 | Incomplete Cleanup vulnerability in Cisco Application Policy Infrastructure Controller 4.1(0.90A) A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, local attacker with physical access to obtain sensitive information from an affected device. | 4.6 |
| 2019-05-03 | CVE-2018-15462 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Threat Defense A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition. | 7.5 |
| 2019-05-03 | CVE-2018-15388 | Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. | 8.6 |
| 2019-04-18 | CVE-2019-1841 | Improper Input Validation vulnerability in Cisco DNA Center A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. | 8.1 |
| 2019-04-18 | CVE-2019-1840 | Improper Initialization vulnerability in Cisco Prime Network Registrar A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service (DoS) condition on the affected system. | 7.5 |