Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-05 | CVE-2019-1981 | Improper Input Validation vulnerability in Cisco products A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. | 5.0 |
| 2019-11-05 | CVE-2019-1980 | Improper Authentication vulnerability in Cisco products A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. | 5.0 |
| 2019-11-05 | CVE-2019-1978 | Improper Input Validation vulnerability in Cisco products A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. | 5.0 |
| 2019-11-05 | CVE-2019-1877 | Improper Authentication vulnerability in Cisco Enterprise Chat and Email 11.6(1)Es9 A vulnerability in the HTTP API of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to download files attached through chat sessions. | 4.3 |
| 2019-11-05 | CVE-2019-1734 | Unspecified vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. | 5.5 |
| 2019-11-05 | CVE-2019-15966 | Improper Input Validation vulnerability in Cisco Telepresence Advanced Media Gateway 1.1 A vulnerability in the web application of Cisco TelePresence Advanced Media Gateway could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 6.8 |
| 2019-10-16 | CVE-2019-15962 | Incorrect Default Permissions vulnerability in Cisco Telepresence Collaboration Endpoint A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to write files to the /root directory of an affected device. | 6.6 |
| 2019-10-16 | CVE-2019-15282 | Missing Authentication for Critical Function vulnerability in Cisco Identity Services Engine Software A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker read tcpdump files generated on an affected device. | 5.0 |
| 2019-10-16 | CVE-2019-15273 | Unspecified vulnerability in Cisco Telepresence Collaboration Endpoint Multiple vulnerabilities in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to overwrite arbitrary files. | 6.6 |
| 2019-10-16 | CVE-2019-15264 | Resource Exhaustion vulnerability in Cisco products A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation of Cisco Aironet and Catalyst 9100 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. | 6.1 |