Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-24 | CVE-2019-1655 | Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.8 A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. | 6.1 |
| 2019-01-24 | CVE-2019-1645 | Information Exposure vulnerability in Cisco Connected Mobile Experiences 10.2(1.0) A vulnerability in the Cisco Connected Mobile Experiences (CMX) software could allow an unauthenticated, adjacent attacker to access sensitive data on an affected device. | 4.3 |
| 2019-01-23 | CVE-2019-1643 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.2.0 A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. | 6.1 |
| 2019-01-23 | CVE-2019-1642 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center 6.2.3/6.3.0 A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. | 6.1 |
| 2019-01-23 | CVE-2018-15455 | Cross-site Scripting vulnerability in Cisco Identity Services Engine 2.2(0.910)/2.3(0.905)/2.4(0.903) A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. | 6.1 |
| 2019-01-23 | CVE-2018-0187 | Information Exposure vulnerability in Cisco Identity Services Engine 2.4(0.901.1)/2.4(0.901) A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain confidential information for privileged accounts. | 6.5 |
| 2019-01-15 | CVE-2018-15463 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Software 2.4(0.357) A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface. | 6.1 |
| 2019-01-15 | CVE-2018-15440 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Software 2.4(0.357) A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 6.1 |
| 2019-01-11 | CVE-2018-15467 | Cross-site Scripting vulnerability in Cisco Telepresence Management Suite 15.7 A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2019-01-11 | CVE-2018-15464 | Resource Exhaustion vulnerability in Cisco ASR 900 Series Software 16.6.2 A vulnerability in Cisco 900 Series Aggregation Services Router (ASR) software could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected device. | 5.8 |