Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-25 | CVE-2019-12647 | NULL Pointer Dereference vulnerability in Cisco IOS XE Fuji16.7.1/Fuji16.8.1 A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2019-09-25 | CVE-2019-12646 | Improper Initialization vulnerability in Cisco IOS XE A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2019-09-05 | CVE-2019-1939 | Improper Privilege Management vulnerability in Cisco Webex Teams 3.0.4533 A vulnerability in the Cisco Webex Teams client for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected system. | 8.8 |
| 2019-09-05 | CVE-2019-12645 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Jabber 12.5(0) A vulnerability in Cisco Jabber Client Framework (JCF) for Mac Software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to execute arbitrary code on an affected device The vulnerability is due to improper file level permissions on an affected device when it is running Cisco JCF for Mac Software. | 7.8 |
| 2019-09-05 | CVE-2019-12633 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Unified Contact Center Express A vulnerability in Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. | 7.5 |
| 2019-09-05 | CVE-2019-12632 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse 11.6(1)/12.0(1)/12.5(1) A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on an affected system. | 7.5 |
| 2019-08-30 | CVE-2019-1977 | State Issues vulnerability in Cisco Nx-Os A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an endpoint device in certain circumstances. | 7.5 |
| 2019-08-30 | CVE-2019-1968 | Improper Encoding or Escaping of Output vulnerability in Cisco Nx-Os A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. | 7.5 |
| 2019-08-30 | CVE-2019-1967 | Resource Exhaustion vulnerability in Cisco Nx-Os A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2019-08-30 | CVE-2019-1966 | Unspecified vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in a specific CLI command within the local management (local-mgmt) context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. | 7.8 |