Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-06 | CVE-2019-15984 | SQL Injection vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. | 7.2 |
| 2020-01-06 | CVE-2019-15978 | OS Command Injection vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS). | 7.2 |
| 2020-01-06 | CVE-2019-15977 | Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. | 7.5 |
| 2019-11-26 | CVE-2019-15997 | OS Command Injection vulnerability in Cisco DNA Spaces: Connector A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to perform a command injection attack and execute arbitrary commands on the underlying operating system as root. | 7.2 |
| 2019-11-26 | CVE-2019-15996 | OS Command Injection vulnerability in Cisco DNA Spaces: Connector 2.0 A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. | 7.2 |
| 2019-11-26 | CVE-2019-15986 | Improper Input Validation vulnerability in Cisco Unity Express 9.0.6 A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 7.2 |
| 2019-10-16 | CVE-2019-15277 | OS Command Injection vulnerability in Cisco Telepresence Collaboration Endpoint A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to execute code with root privileges. | 7.2 |
| 2019-10-16 | CVE-2019-15275 | OS Command Injection vulnerability in Cisco Telepresence Collaboration Endpoint A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. | 7.2 |
| 2019-10-16 | CVE-2019-15274 | Improper Input Validation vulnerability in Cisco Telepresence Collaboration Endpoint A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to perform command injections. | 7.2 |
| 2019-10-16 | CVE-2019-15262 | Improper Resource Shutdown or Release vulnerability in Cisco products A vulnerability in the Secure Shell (SSH) session management for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.8 |