Vulnerabilities > Cisco > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-28 | CVE-2019-1762 | Information Exposure vulnerability in Cisco IOS and IOS XE A vulnerability in the Secure Storage feature of Cisco IOS and IOS XE Software could allow an authenticated, local attacker to access sensitive system information on an affected device. | 2.1 |
2019-03-11 | CVE-2019-1690 | Unspecified vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. low complexity cisco | 3.3 |
2019-03-11 | CVE-2019-1707 | Cross-site Scripting vulnerability in Cisco DNA Center A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 3.5 |
2019-03-06 | CVE-2019-1588 | Improper Privilege Management vulnerability in Cisco Nx-Os A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running in Application-Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected device. | 2.1 |
2019-02-21 | CVE-2019-1667 | Incorrect Authorization vulnerability in Cisco Hyperflex HX Data Platform A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an authenticated, local attacker to write arbitrary data to the Graphite interface. | 2.1 |
2019-02-08 | CVE-2019-1673 | Cross-site Scripting vulnerability in Cisco Identity Services Engine 2.5(0.353) A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. | 3.5 |
2019-01-24 | CVE-2019-1645 | Information Exposure vulnerability in Cisco Connected Mobile Experiences 10.2(1.0) A vulnerability in the Cisco Connected Mobile Experiences (CMX) software could allow an unauthenticated, adjacent attacker to access sensitive data on an affected device. | 3.3 |
2019-01-10 | CVE-2018-0483 | Cross-site Scripting vulnerability in Cisco Jabber 10.0(0) A vulnerability in Cisco Jabber Client Framework (JCF) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. | 3.5 |
2019-01-10 | CVE-2018-0449 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Jabber 12.1(0) A vulnerability in the Cisco Jabber Client Framework (JCF) software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges. | 3.3 |
2019-01-10 | CVE-2018-0482 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.5(0.0) A vulnerability in the web-based management interface of Cisco Prime Network Control System could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected system. | 3.5 |