Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-25 | CVE-2019-12658 | Unspecified vulnerability in Cisco IOS XE 16.6.1/16.8.1 A vulnerability in the filesystem resource management code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to exhaust filesystem resources on an affected device and cause a denial of service (DoS) condition. | 7.5 |
| 2019-09-25 | CVE-2019-12657 | Improper Input Validation vulnerability in Cisco IOS XE 16.3.6 A vulnerability in Unified Threat Defense (UTD) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2019-09-25 | CVE-2019-12656 | Unspecified vulnerability in Cisco products A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests, resulting in a denial of service (DoS) condition. | 7.5 |
| 2019-09-25 | CVE-2019-12655 | Classic Buffer Overflow vulnerability in Cisco IOS A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2019-09-25 | CVE-2019-12654 | NULL Pointer Dereference vulnerability in Cisco IOS XE 15.6(1)S4.2/16.3.8/16.9.1 A vulnerability in the common Session Initiation Protocol (SIP) library of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 7.5 |
| 2019-09-25 | CVE-2019-12653 | Improper Input Validation vulnerability in Cisco IOS XE 16.10.1/16.9 A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 7.5 |
| 2019-09-25 | CVE-2019-12652 | Unspecified vulnerability in Cisco IOS 15.2(3)E1/15.2(4)E3 A vulnerability in the ingress packet processing function of Cisco IOS Software for Cisco Catalyst 4000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2019-09-25 | CVE-2019-12651 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. | 8.8 |
| 2019-09-25 | CVE-2019-12650 | OS Command Injection vulnerability in Cisco IOS and IOS XE Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. | 8.8 |
| 2019-09-25 | CVE-2019-12648 | Incorrect Authorization vulnerability in Cisco IOS 15.7(3)M3 A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System (Guest OS) running on an affected device. | 8.8 |