Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-23 | CVE-2019-1642 | Cross-site Scripting vulnerability in Cisco Firepower Management Center 6.2.3/6.3.0 A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. | 4.3 |
| 2019-01-23 | CVE-2018-15459 | Unspecified vulnerability in Cisco Identity Services Engine 2.3(0.298)/2.5(0.1) A vulnerability in the administrative web interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain additional privileges on an affected device. | 6.5 |
| 2019-01-23 | CVE-2018-15455 | Cross-site Scripting vulnerability in Cisco Identity Services Engine 2.2(0.910)/2.3(0.905)/2.4(0.903) A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. | 4.3 |
| 2019-01-23 | CVE-2018-0187 | Information Exposure vulnerability in Cisco Identity Services Engine 2.4(0.901.1)/2.4(0.901) A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain confidential information for privileged accounts. | 4.0 |
| 2019-01-15 | CVE-2018-15463 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Software 2.4(0.357) A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface. | 4.3 |
| 2019-01-15 | CVE-2018-15440 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Software 2.4(0.357) A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 4.3 |
| 2019-01-11 | CVE-2018-15467 | Cross-site Scripting vulnerability in Cisco Telepresence Management Suite 15.7 A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2019-01-11 | CVE-2018-15466 | Missing Authentication for Critical Function vulnerability in Cisco Policy Suite for Mobile 12.0.0 A vulnerability in the Graphite web interface of the Policy and Charging Rules Function (PCRF) of Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access the Graphite web interface. | 4.3 |
| 2019-01-11 | CVE-2018-15464 | Resource Exhaustion vulnerability in Cisco ASR 900 Series Software 16.6.2 A vulnerability in Cisco 900 Series Aggregation Services Router (ASR) software could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected device. | 5.0 |
| 2019-01-10 | CVE-2018-15461 | Cross-site Scripting vulnerability in Cisco Webex Business Suite A vulnerability in the MyWebex component of Cisco Webex Business Suite could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. | 4.3 |