Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-02 | CVE-2019-15256 | Resource Exhaustion vulnerability in Cisco products A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 8.6 |
| 2019-10-02 | CVE-2019-12706 | Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the configured user filters on an affected device. | 7.5 |
| 2019-10-02 | CVE-2019-12699 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. | 7.8 |
| 2019-10-02 | CVE-2019-12698 | Unspecified vulnerability in Cisco Adaptive Security Appliance A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. | 7.5 |
| 2019-10-02 | CVE-2019-12697 | Unspecified vulnerability in Cisco Firepower Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. | 7.5 |
| 2019-10-02 | CVE-2019-12696 | Unspecified vulnerability in Cisco Firepower Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. | 7.5 |
| 2019-10-02 | CVE-2019-12690 | OS Command Injection vulnerability in Cisco Firepower Management Center A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with the privileges of the root user of the underlying operating system. | 7.2 |
| 2019-10-02 | CVE-2019-12689 | Improper Input Validation vulnerability in Cisco Firepower Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. | 8.8 |
| 2019-10-02 | CVE-2019-12688 | Improper Input Validation vulnerability in Cisco Firepower Management Center 6.2.2 A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. | 8.8 |
| 2019-10-02 | CVE-2019-12687 | Improper Input Validation vulnerability in Cisco Firepower Management Center 6.2.2/6.2.3 A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. | 8.8 |