Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-18 | CVE-2019-1829 | OS Command Injection vulnerability in Cisco Aironet Access Point Firmware A vulnerability in the CLI of Cisco Aironet Series Access Points (APs) could allow an authenticated, local attacker to gain access to the underlying Linux operating system (OS) without the proper authentication. | 6.7 |
| 2019-04-18 | CVE-2019-1826 | Improper Input Validation vulnerability in Cisco Aironet Access Point Firmware 8.5(131.3) A vulnerability in the quality of service (QoS) feature of Cisco Aironet Series Access Points (APs) could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 5.7 |
| 2019-04-18 | CVE-2019-1805 | Improper Input Validation vulnerability in Cisco Wireless LAN Controller Software 8.3(141.0) A vulnerability in certain access control mechanisms for the Secure Shell (SSH) server implementation for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affected device. | 4.3 |
| 2019-04-18 | CVE-2019-1802 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center 6.2.3/6.3.0/6.4.0 A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 4.8 |
| 2019-04-18 | CVE-2019-1800 | Improper Input Validation vulnerability in Cisco products A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.5 |
| 2019-04-18 | CVE-2019-1799 | Improper Input Validation vulnerability in Cisco products A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.5 |
| 2019-04-18 | CVE-2019-1796 | Improper Input Validation vulnerability in Cisco products A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.5 |
| 2019-04-18 | CVE-2019-1794 | Uncontrolled Search Path Element vulnerability in Cisco Meeting Server 2.2 A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. | 5.1 |
| 2019-04-18 | CVE-2019-1792 | Cross-site Scripting vulnerability in Cisco Umbrella A vulnerability in the URL block page of Cisco Umbrella could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user in a network protected by Umbrella. | 6.1 |
| 2019-04-18 | CVE-2019-1777 | Cross-site Scripting vulnerability in Cisco Registered Envelope Service 5.3.4027 A vulnerability in the web-based interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against another user of the service. | 5.4 |