Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-25 | CVE-2019-12646 | Improper Initialization vulnerability in Cisco IOS XE A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2019-09-05 | CVE-2019-12645 | Improper Input Validation vulnerability in Cisco Jabber 12.5(0) A vulnerability in Cisco Jabber Client Framework (JCF) for Mac Software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to execute arbitrary code on an affected device The vulnerability is due to improper file level permissions on an affected device when it is running Cisco JCF for Mac Software. | 7.2 |
| 2019-08-30 | CVE-2019-1967 | Resource Exhaustion vulnerability in Cisco Nx-Os A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.8 |
| 2019-08-30 | CVE-2019-1966 | Unspecified vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in a specific CLI command within the local management (local-mgmt) context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. | 7.2 |
| 2019-08-28 | CVE-2019-1964 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the IPv6 traffic processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an unexpected restart of the netstack process on an affected device. | 7.8 |
| 2019-08-28 | CVE-2019-1962 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. | 7.8 |
| 2019-08-21 | CVE-2019-1936 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root user. | 7.2 |
| 2019-08-21 | CVE-2019-1900 | NULL Pointer Dereference vulnerability in Cisco products A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to cause the web server process to crash, causing a denial of service (DoS) condition on an affected system. | 7.8 |
| 2019-08-21 | CVE-2019-1883 | OS Command Injection vulnerability in Cisco products A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. | 7.2 |
| 2019-08-21 | CVE-2019-1839 | OS Command Injection vulnerability in Cisco products A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. | 7.2 |