Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-06 | CVE-2019-15982 | Path Traversal vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. | 7.2 |
| 2020-01-06 | CVE-2019-15981 | Path Traversal vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. | 7.2 |
| 2020-01-06 | CVE-2019-15980 | Path Traversal vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. | 7.2 |
| 2020-01-06 | CVE-2019-15979 | OS Command Injection vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS). | 7.2 |
| 2020-01-06 | CVE-2019-15978 | OS Command Injection vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS). | 7.2 |
| 2020-01-06 | CVE-2019-15977 | Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. | 7.5 |
| 2019-11-26 | CVE-2019-15972 | SQL Injection vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 8.8 |
| 2019-11-26 | CVE-2019-15956 | Unspecified vulnerability in Cisco Asyncos and web Security Appliance A vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform an unauthorized system reset on an affected device. | 8.8 |
| 2019-11-26 | CVE-2019-15288 | Improper Input Validation vulnerability in Cisco products A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE), Cisco TelePresence Codec (TC), and Cisco RoomOS Software could allow an authenticated, remote attacker to escalate privileges to an unrestricted user of the restricted shell. | 8.8 |
| 2019-11-26 | CVE-2019-15286 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Webex Business Suite Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. | 7.8 |