Vulnerabilities > Cisco > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-08 | CVE-2019-1973 | Cross-site Scripting vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure 3.11.1/3.5.1/3.5.2 A vulnerability in the web portal framework of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. | 3.5 |
| 2019-07-04 | CVE-2019-1890 | Unspecified vulnerability in Cisco Application Policy Infrastructure Controller 7.3(0)Zn(0.113) A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. low complexity cisco | 3.3 |
| 2019-06-20 | CVE-2019-1628 | Integer Underflow (Wrap or Wraparound) vulnerability in Cisco products A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition on an affected device. | 2.1 |
| 2019-06-20 | CVE-2019-1630 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. | 2.1 |
| 2019-06-20 | CVE-2019-1875 | Cross-site Scripting vulnerability in Cisco Prime Service Catalog A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. | 3.5 |
| 2019-06-05 | CVE-2019-1880 | Insufficient Verification of Data Authenticity vulnerability in Cisco Unified Computing System Server Firmware A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack Servers could allow an authenticated, local attacker to install compromised BIOS firmware on an affected device. | 2.1 |
| 2019-06-05 | CVE-2019-1882 | Cross-site Scripting vulnerability in Cisco Industrial Network Director 1.5(0.250) A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. | 3.5 |
| 2019-05-15 | CVE-2019-1731 | Information Exposure vulnerability in Cisco Nx-Os A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. | 2.1 |
| 2019-05-15 | CVE-2019-1733 | Cross-site Scripting vulnerability in Cisco Nx-Os A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the NX-API Sandbox interface of an affected device. | 3.5 |
| 2019-05-03 | CVE-2019-1838 | Cross-site Scripting vulnerability in Cisco Application Policy Infrastructure Controller 3.2(5D)/4.0(3D) A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 3.5 |