Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-24 | CVE-2019-1648 | Permissions, Privileges, and Access Controls vulnerability in Cisco products A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. | 7.2 |
| 2019-01-24 | CVE-2019-1647 | Improper Access Control vulnerability in Cisco Sd-Wan and Vsmart Controller A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent attacker to bypass authentication and have direct unauthorized access to other vSmart containers. | 7.7 |
| 2019-01-24 | CVE-2019-1646 | Permissions, Privileges, and Access Controls vulnerability in Cisco products A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. | 7.2 |
| 2019-01-24 | CVE-2019-1645 | Information Exposure vulnerability in Cisco Connected Mobile Experiences 10.2(1.0) A vulnerability in the Cisco Connected Mobile Experiences (CMX) software could allow an unauthenticated, adjacent attacker to access sensitive data on an affected device. | 3.3 |
| 2019-01-23 | CVE-2019-1644 | Resource Exhaustion vulnerability in Cisco IOT Field Network Director 4.3(0.20) A vulnerability in the UDP protocol implementation for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to exhaust system resources, resulting in a denial of service (DoS) condition. | 5.0 |
| 2019-01-23 | CVE-2019-1643 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.2.0 A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. | 4.3 |
| 2019-01-23 | CVE-2019-1642 | Cross-site Scripting vulnerability in Cisco Firepower Management Center 6.2.3/6.3.0 A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. | 4.3 |
| 2019-01-23 | CVE-2019-1641 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Webex Meetings Online and Webex Meetings Server A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. | 9.3 |
| 2019-01-23 | CVE-2019-1640 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Webex Meetings Online and Webex Meetings Server A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. | 9.3 |
| 2019-01-23 | CVE-2019-1639 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Webex Meetings Online and Webex Meetings Server A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. | 9.3 |