Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-28 | CVE-2019-1965 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco Nx-Os A vulnerability in the Virtual Shell (VSH) session management for Cisco NX-OS Software could allow an authenticated, remote attacker to cause a VSH process to fail to delete upon termination. | 7.7 |
| 2019-08-28 | CVE-2019-1964 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the IPv6 traffic processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an unexpected restart of the netstack process on an affected device. | 7.5 |
| 2019-08-28 | CVE-2019-1962 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. | 7.5 |
| 2019-08-21 | CVE-2019-1936 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root user. | 7.2 |
| 2019-08-21 | CVE-2019-1908 | Unspecified vulnerability in Cisco products A vulnerability in the Intelligent Platform Management Interface (IPMI) implementation of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to view sensitive system information. | 7.5 |
| 2019-08-21 | CVE-2019-1907 | Unspecified vulnerability in Cisco products A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to set sensitive configuration values and gain elevated privileges. | 8.8 |
| 2019-08-21 | CVE-2019-1900 | NULL Pointer Dereference vulnerability in Cisco products A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to cause the web server process to crash, causing a denial of service (DoS) condition on an affected system. | 7.5 |
| 2019-08-21 | CVE-2019-1896 | OS Command Injection vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands and obtain root privileges. | 7.2 |
| 2019-08-21 | CVE-2019-1885 | OS Command Injection vulnerability in Cisco products A vulnerability in the Redfish protocol of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. | 7.2 |
| 2019-08-21 | CVE-2019-1883 | OS Command Injection vulnerability in Cisco products A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. | 7.8 |