Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-07 | CVE-2019-1670 | Cross-site Scripting vulnerability in Cisco Unified Intelligence Center 9.5(1) A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 6.1 |
| 2019-02-07 | CVE-2019-1661 | Cross-site Scripting vulnerability in Cisco Telepresence Management Suite 15.0 A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2019-02-07 | CVE-2019-1680 | Improper Input Validation vulnerability in Cisco Webex Business Suite and Webex Meetings Online A vulnerability in Cisco Webex Business Suite could allow an unauthenticated, remote attacker to inject arbitrary text into a user's browser. | 4.3 |
| 2019-02-07 | CVE-2019-1679 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Telepresence Video Communication Server A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to trigger an HTTP request from an affected server to an arbitrary host. | 5.0 |
| 2019-02-07 | CVE-2019-1660 | Permissions, Privileges, and Access Controls vulnerability in Cisco Telepresence Management Suite A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. | 5.3 |
| 2019-02-07 | CVE-2019-1678 | Improper Input Validation vulnerability in Cisco Meeting Server 2.3.6 A vulnerability in Cisco Meeting Server could allow an authenticated, remote attacker to cause a partial denial of service (DoS) to Cisco Meetings application users who are paired with a Session Initiation Protocol (SIP) endpoint. | 4.3 |
| 2019-02-07 | CVE-2019-1677 | Cross-site Scripting vulnerability in Cisco Webex Meetings A vulnerability in Cisco Webex Meetings for Android could allow an unauthenticated, local attacker to perform a cross-site scripting attack against the application. | 4.6 |
| 2019-01-24 | CVE-2019-1668 | Cross-site Scripting vulnerability in Cisco Socialminer 11.6(1)/11.6(2)/12.0(1) A vulnerability in the chat feed feature of Cisco SocialMiner could allow an unauthenticated, remote attacker to perform cross-site scripting (XSS) attacks against a user of the web-based user interface of an affected system. | 6.1 |
| 2019-01-24 | CVE-2019-1657 | Unspecified vulnerability in Cisco AMP Threat Grid Appliance and AMP Threat Grid Cloud A vulnerability in Cisco AMP Threat Grid could allow an authenticated, remote attacker to access sensitive information. | 4.3 |
| 2019-01-24 | CVE-2019-1656 | Improper Input Validation vulnerability in Cisco Enterprise NFV Infrastructure Software 3.9.1 A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to access the shell of the underlying Linux operating system on the affected device. | 5.3 |