Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-27 | CVE-2019-1737 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco IOS XE A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. | 7.8 |
| 2019-03-22 | CVE-2019-1766 | Improper Input Validation vulnerability in Cisco IP Phone 8800 Firmware A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. | 7.5 |
| 2019-03-22 | CVE-2019-1765 | Path Traversal vulnerability in Cisco products A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. | 4.0 |
| 2019-03-22 | CVE-2019-1764 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. | 6.8 |
| 2019-03-22 | CVE-2019-1763 | Improper Access Control vulnerability in Cisco products A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. | 5.0 |
| 2019-03-22 | CVE-2019-1716 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. | 7.5 |
| 2019-03-13 | CVE-2019-1723 | Permissions, Privileges, and Access Controls vulnerability in Cisco Common Services Platform Collector 2.7.2/2.8.0/2.8.1 A vulnerability in the Cisco Common Services Platform Collector (CSPC) could allow an unauthenticated, remote attacker to access an affected device by using an account that has a default, static password. | 10.0 |
| 2019-03-13 | CVE-2018-0389 | Unspecified vulnerability in Cisco Spa514G Firmware A vulnerability in the implementation of Session Initiation Protocol (SIP) processing in Cisco Small Business SPA514G IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. | 7.8 |
| 2019-03-11 | CVE-2019-1707 | Cross-site Scripting vulnerability in Cisco DNA Center A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 3.5 |
| 2019-03-11 | CVE-2019-1702 | Cross-site Scripting vulnerability in Cisco Enterprise Chat and Email 11.6(1) Multiple vulnerabilities in the web-based management interface of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. | 4.3 |