Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-24 | CVE-2019-1668 | Cross-site Scripting vulnerability in Cisco Socialminer 11.6(1)/11.6(2)/12.0(1) A vulnerability in the chat feed feature of Cisco SocialMiner could allow an unauthenticated, remote attacker to perform cross-site scripting (XSS) attacks against a user of the web-based user interface of an affected system. | 6.1 |
| 2019-01-24 | CVE-2019-1658 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Intelligence Center 11.6(1) A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 7.4 |
| 2019-01-24 | CVE-2019-1657 | Unspecified vulnerability in Cisco AMP Threat Grid Appliance and AMP Threat Grid Cloud A vulnerability in Cisco AMP Threat Grid could allow an authenticated, remote attacker to access sensitive information. | 4.3 |
| 2019-01-24 | CVE-2019-1656 | Improper Input Validation vulnerability in Cisco Enterprise NFV Infrastructure Software 3.9.1 A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to access the shell of the underlying Linux operating system on the affected device. | 5.3 |
| 2019-01-24 | CVE-2019-1655 | Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.8 A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. | 6.1 |
| 2019-01-24 | CVE-2019-1653 | Information Exposure vulnerability in Cisco Rv320 Firmware and Rv325 Firmware A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. | 7.5 |
| 2019-01-24 | CVE-2019-1652 | OS Command Injection vulnerability in Cisco Rv320 Firmware and Rv325 Firmware A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. | 7.2 |
| 2019-01-24 | CVE-2019-1651 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Vsmart Controller A vulnerability in the vContainer of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and execute arbitrary code as the root user. | 8.8 |
| 2019-01-24 | CVE-2019-1650 | OS Command Injection vulnerability in Cisco products A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. | 8.8 |
| 2019-01-24 | CVE-2019-1648 | Improper Input Validation vulnerability in Cisco products A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. | 7.8 |