Vulnerabilities > Cisco > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-03 | CVE-2019-1587 | Resource Management Errors vulnerability in Cisco Nx-Os 8.3(0)Sk(0.39) A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. | 4.0 |
2019-04-18 | CVE-2019-1841 | Improper Input Validation vulnerability in Cisco DNA Center A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. | 5.5 |
2019-04-18 | CVE-2019-1831 | Improper Input Validation vulnerability in Cisco Email Security Appliance 11.1.2023/12.0.0208 A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. | 5.0 |
2019-04-18 | CVE-2019-1830 | Improper Input Validation vulnerability in Cisco Wireless LAN Controller Software A vulnerability in Locally Significant Certificate (LSC) management for the Cisco Wireless LAN Controller (WLC) could allow an authenticated, remote attacker to cause the device to unexpectedly restart, which causes a denial of service (DoS) condition. | 6.8 |
2019-04-18 | CVE-2019-1826 | Improper Input Validation vulnerability in Cisco Aironet Access Point Firmware 8.5(131.3) A vulnerability in the quality of service (QoS) feature of Cisco Aironet Series Access Points (APs) could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 5.5 |
2019-04-18 | CVE-2019-1802 | Cross-site Scripting vulnerability in Cisco Firepower Management Center 6.2.3/6.3.0/6.4.0 A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 4.8 |
2019-04-18 | CVE-2019-1800 | Improper Input Validation vulnerability in Cisco products A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.1 |
2019-04-18 | CVE-2019-1799 | Improper Input Validation vulnerability in Cisco products A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.1 |
2019-04-18 | CVE-2019-1797 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on the device with the privileges of the user, including modifying the device configuration. | 6.8 |
2019-04-18 | CVE-2019-1796 | Improper Input Validation vulnerability in Cisco products A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.1 |