Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-06 | CVE-2019-1595 | Improper Control of Dynamically-Managed Code Resources vulnerability in Cisco Nx-Os A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 6.1 |
| 2019-03-06 | CVE-2019-1594 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the 802.1X implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 6.1 |
| 2019-02-21 | CVE-2019-1700 | Resource Management Errors vulnerability in Cisco Firepower 9000 Firmware 2.2(200.8) A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 5.7 |
| 2019-02-21 | CVE-2019-1698 | XXE vulnerability in Cisco IOT Field Network Director A vulnerability in the web-based user interface of Cisco Internet of Things Field Network Director (IoT-FND) Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. | 4.0 |
| 2019-02-21 | CVE-2019-1691 | Improper Handling of Exceptional Conditions vulnerability in Cisco Firepower Threat Defense A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause the unexpected restart of the SNORT detection engine, resulting in a denial of service (DoS) condition. | 5.0 |
| 2019-02-21 | CVE-2019-1685 | Cross-site Scripting vulnerability in Cisco Unity Connection 12.5 A vulnerability in the Security Assertion Markup Language (SAML) single sign-on (SSO) interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
| 2019-02-21 | CVE-2019-1684 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. | 6.1 |
| 2019-02-21 | CVE-2019-1666 | Improper Access Control vulnerability in Cisco Hyperflex HX Data Platform A vulnerability in the Graphite service of Cisco HyperFlex software could allow an unauthenticated, remote attacker to retrieve data from the Graphite service. | 5.0 |
| 2019-02-21 | CVE-2019-1665 | Cross-site Scripting vulnerability in Cisco Hyperflex HX Data Platform A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 4.3 |
| 2019-02-21 | CVE-2019-1662 | Improper Authentication vulnerability in Cisco Prime Collaboration Assurance A vulnerability in the Quality of Voice Reporting (QOVR) service of Cisco Prime Collaboration Assurance (PCA) Software could allow an unauthenticated, remote attacker to access the system as a valid user. | 6.4 |