Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-24 | CVE-2019-1655 | Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.8 A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. | 4.3 |
| 2019-01-24 | CVE-2019-1653 | Improper Access Control vulnerability in Cisco Rv320 Firmware and Rv325 Firmware A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. | 5.0 |
| 2019-01-23 | CVE-2019-1644 | Resource Exhaustion vulnerability in Cisco IOT Field Network Director 4.3(0.20) A vulnerability in the UDP protocol implementation for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to exhaust system resources, resulting in a denial of service (DoS) condition. | 5.0 |
| 2019-01-23 | CVE-2019-1643 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.2.0 A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. | 4.3 |
| 2019-01-23 | CVE-2019-1642 | Cross-site Scripting vulnerability in Cisco Firepower Management Center 6.2.3/6.3.0 A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. | 4.3 |
| 2019-01-23 | CVE-2018-15459 | Unspecified vulnerability in Cisco Identity Services Engine 2.3(0.298)/2.5(0.1) A vulnerability in the administrative web interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain additional privileges on an affected device. | 6.5 |
| 2019-01-23 | CVE-2018-15455 | Cross-site Scripting vulnerability in Cisco Identity Services Engine 2.2(0.910)/2.3(0.905)/2.4(0.903) A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. | 4.3 |
| 2019-01-23 | CVE-2018-0187 | Information Exposure vulnerability in Cisco Identity Services Engine 2.4(0.901.1)/2.4(0.901) A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain confidential information for privileged accounts. | 4.0 |
| 2019-01-15 | CVE-2018-15463 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Software 2.4(0.357) A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface. | 4.3 |
| 2019-01-15 | CVE-2018-15440 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Software 2.4(0.357) A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. | 4.3 |