Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-20 | CVE-2019-1625 | Unspecified vulnerability in Cisco Sd-Wan Firmware A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device. | 7.8 |
| 2019-06-20 | CVE-2019-1624 | Command Injection vulnerability in Cisco Sd-Wan A vulnerability in the vManage web-based UI (Web UI) in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. | 8.8 |
| 2019-06-05 | CVE-2019-1881 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Industrial Network Director 1.5(0.250) A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2019-06-05 | CVE-2019-1868 | Unspecified vulnerability in Cisco Webex Meetings Server 2.6 A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to access sensitive system information. | 7.5 |
| 2019-06-05 | CVE-2019-1861 | Unrestricted Upload of File with Dangerous Type vulnerability in Cisco Industrial Network Director A vulnerability in the software update feature of Cisco Industrial Network Director could allow an authenticated, remote attacker to execute arbitrary code. | 7.2 |
| 2019-06-05 | CVE-2019-1845 | Improper Input Validation vulnerability in Cisco products A vulnerability in the authentication service of the Cisco Unified Communications Manager IM and Presence (Unified CM IM&P) Service, Cisco TelePresence Video Communication Server (VCS), and Cisco Expressway Series could allow an unauthenticated, remote attacker to cause a service outage for users attempting to authenticate, resulting in a denial of service (DoS) condition. | 8.6 |
| 2019-05-16 | CVE-2019-1858 | Improper Handling of Exceptional Conditions vulnerability in Cisco Nx-Os A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. | 8.6 |
| 2019-05-16 | CVE-2019-1853 | Out-of-bounds Read vulnerability in Cisco Anyconnect Secure Mobility Client 4.6(2074) A vulnerability in the HostScan component of Cisco AnyConnect Secure Mobility Client for Linux could allow an unauthenticated, remote attacker to read sensitive information on an affected system. | 7.5 |
| 2019-05-16 | CVE-2019-1846 | Improper Input Validation vulnerability in Cisco IOS XR 5.3.3 A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. | 7.4 |
| 2019-05-16 | CVE-2019-1832 | Protection Mechanism Failure vulnerability in Cisco Firepower Management Center A vulnerability in the detection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies. | 7.5 |