Vulnerabilities > Cisco > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-15 | CVE-2012-0334 | Improper Input Validation vulnerability in Cisco Ironport web Security Appliance Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks | 3.2 |
2019-11-26 | CVE-2019-15968 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager (Unified CDM) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 3.5 |
2019-11-26 | CVE-2019-15967 | Unspecified vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, local attacker to enable audio recording without notifying users. | 2.1 |
2019-10-16 | CVE-2019-12637 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web-based management interface. | 3.5 |
2019-10-16 | CVE-2019-12638 | Cross-site Scripting vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web-based management interface. | 3.5 |
2019-10-16 | CVE-2019-12702 | Cross-site Scripting vulnerability in Cisco Spa112 Firmware and Spa122 Firmware A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to conduct cross-site scripting attacks. | 3.5 |
2019-10-16 | CVE-2019-12703 | Cross-site Scripting vulnerability in Cisco Spa122 Firmware 1.4.1 A vulnerability in the web-based management interface of Cisco SPA122 ATA with Router Devices could allow an unauthenticated, adjacent attacker to conduct cross-site scripting attacks. | 2.9 |
2019-10-16 | CVE-2019-15265 | Improper Input Validation vulnerability in Cisco products A vulnerability in the bridge protocol data unit (BPDU) forwarding functionality of Cisco Aironet Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an AP port to go into an error disabled state. | 2.1 |
2019-10-16 | CVE-2019-15266 | Path Traversal vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to view system files that should be restricted. | 2.1 |
2019-10-16 | CVE-2019-15268 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 3.5 |