Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-18 | CVE-2019-1720 | Improper Input Validation vulnerability in Cisco Telepresence Video Communication Server A vulnerability in the XML API of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service (DoS) condition on an affected system. | 4.9 |
| 2019-04-18 | CVE-2019-1719 | Cross-site Scripting vulnerability in Cisco Identity Services Engine 2.1(0.474) A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 5.4 |
| 2019-04-17 | CVE-2019-1718 | Unspecified vulnerability in Cisco Identity Services Engine 2.1(0.907) A vulnerability in the web interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service (DoS) condition. | 7.5 |
| 2019-04-17 | CVE-2019-1712 | Improper Input Validation vulnerability in Cisco IOS XR A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the PIM process to restart, resulting in a denial of service condition on an affected device. | 7.5 |
| 2019-04-17 | CVE-2019-1711 | Improper Input Validation vulnerability in Cisco IOS XR A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2019-04-17 | CVE-2019-1710 | Improper Input Validation vulnerability in Cisco IOS XR A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation Services Routers running Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to access internal applications running on the sysadmin VM. | 9.8 |
| 2019-04-17 | CVE-2019-1686 | Unspecified vulnerability in Cisco IOS XR A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. | 8.6 |
| 2019-04-17 | CVE-2019-1654 | Missing Authentication for Critical Function vulnerability in Cisco Ap-Cos A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series Access Points (APs) running the Cisco AP-COS operating system could allow an authenticated, local attacker to access the development shell without proper authentication, which allows for root access to the underlying Linux OS. | 7.8 |
| 2019-04-17 | CVE-2018-0382 | Improper Authentication vulnerability in Cisco Wireless LAN Controller Software 8.1(111.0)/8.5(120.0) A vulnerability in the session identification management functionality of the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. | 7.5 |
| 2019-04-17 | CVE-2018-0248 | Improper Input Validation vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the administrative GUI configuration feature of Cisco Wireless LAN Controller (WLC) Software could allow an aUTHENTICated, remote attacker to cause the device to reload unexpectedly during device configuration when the administrator is using this GUI, causing a denial of service (DoS) condition on an affected device. | 4.9 |