Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-08 | CVE-2019-1673 | Cross-site Scripting vulnerability in Cisco Identity Services Engine 2.5(0.353) A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. | 3.5 |
| 2019-02-07 | CVE-2019-1671 | Cross-site Scripting vulnerability in Cisco Firepower Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 4.3 |
| 2019-02-07 | CVE-2019-1670 | Cross-site Scripting vulnerability in Cisco Unified Intelligence Center 9.5(1) A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 4.3 |
| 2019-02-07 | CVE-2019-1661 | Cross-site Scripting vulnerability in Cisco Telepresence Management Suite 15.0 A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2019-02-07 | CVE-2019-1680 | Improper Input Validation vulnerability in Cisco Webex Business Suite and Webex Meetings Online A vulnerability in Cisco Webex Business Suite could allow an unauthenticated, remote attacker to inject arbitrary text into a user's browser. | 4.3 |
| 2019-02-07 | CVE-2019-1679 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Telepresence Video Communication Server A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to trigger an HTTP request from an affected server to an arbitrary host. | 5.0 |
| 2019-02-07 | CVE-2019-1660 | Permissions, Privileges, and Access Controls vulnerability in Cisco Telepresence Management Suite A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. | 5.0 |
| 2019-02-07 | CVE-2019-1678 | Improper Input Validation vulnerability in Cisco Meeting Server 2.3.6 A vulnerability in Cisco Meeting Server could allow an authenticated, remote attacker to cause a partial denial of service (DoS) to Cisco Meetings application users who are paired with a Session Initiation Protocol (SIP) endpoint. | 4.3 |
| 2019-02-07 | CVE-2019-1675 | Use of Hard-coded Credentials vulnerability in Cisco products A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. | 7.8 |
| 2019-02-07 | CVE-2019-1677 | Cross-site Scripting vulnerability in Cisco Webex Meetings A vulnerability in Cisco Webex Meetings for Android could allow an unauthenticated, local attacker to perform a cross-site scripting attack against the application. | 4.6 |