Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-08 | CVE-2019-1676 | Improper Input Validation vulnerability in Cisco Meeting Server A vulnerability in the Session Initiation Protocol (SIP) call processing of Cisco Meeting Server (CMS) software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Cisco Meeting Server. | 7.5 |
| 2019-02-07 | CVE-2019-1675 | Use of Hard-coded Credentials vulnerability in Cisco products A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. | 7.5 |
| 2019-01-24 | CVE-2019-1669 | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense 6.3.0/6.4.0 A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies or cause a denial of service (DoS) condition. | 8.6 |
| 2019-01-24 | CVE-2019-1658 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Intelligence Center 11.6(1) A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 7.4 |
| 2019-01-24 | CVE-2019-1653 | Information Exposure vulnerability in Cisco Rv320 Firmware and Rv325 Firmware A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. | 7.5 |
| 2019-01-24 | CVE-2019-1652 | OS Command Injection vulnerability in Cisco Rv320 Firmware and Rv325 Firmware A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. | 7.2 |
| 2019-01-24 | CVE-2019-1651 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Vsmart Controller A vulnerability in the vContainer of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and execute arbitrary code as the root user. | 8.8 |
| 2019-01-24 | CVE-2019-1650 | OS Command Injection vulnerability in Cisco products A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. | 8.8 |
| 2019-01-24 | CVE-2019-1648 | Improper Input Validation vulnerability in Cisco products A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. | 7.8 |
| 2019-01-24 | CVE-2019-1647 | Improper Access Control vulnerability in Cisco Sd-Wan and Vsmart Controller A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent attacker to bypass authentication and have direct unauthorized access to other vSmart containers. | 8.0 |