Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-16	CVE-2019-15274	Improper Input Validation vulnerability in Cisco Telepresence Collaboration Endpoint A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to perform command injections. local low complexity cisco CWE-20	6.7
2019-10-16	CVE-2019-15273	Unspecified vulnerability in Cisco Telepresence Collaboration Endpoint Multiple vulnerabilities in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to overwrite arbitrary files. local low complexity cisco	4.4
2019-10-16	CVE-2019-15270	Cross-site Scripting vulnerability in Cisco Firepower Management Center Firmware A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. network low complexity cisco CWE-79	5.4
2019-10-16	CVE-2019-15269	Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. network low complexity cisco CWE-79	4.8
2019-10-16	CVE-2019-15268	Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. network low complexity cisco CWE-79	4.8
2019-10-16	CVE-2019-15266	Path Traversal vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to view system files that should be restricted. local low complexity cisco CWE-22	4.4
2019-10-16	CVE-2019-15265	Improper Input Validation vulnerability in Cisco products A vulnerability in the bridge protocol data unit (BPDU) forwarding functionality of Cisco Aironet Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an AP port to go into an error disabled state. low complexity cisco CWE-20	6.5
2019-10-16	CVE-2019-15264	Resource Exhaustion vulnerability in Cisco products A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation of Cisco Aironet and Catalyst 9100 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. low complexity cisco CWE-400	6.5
2019-10-16	CVE-2019-15258	NULL Pointer Dereference vulnerability in Cisco Spa112 Firmware and Spa122 Firmware A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity cisco CWE-476	6.5
2019-10-16	CVE-2019-15257	Unspecified vulnerability in Cisco Spa112 Firmware and Spa122 Firmware A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to access sensitive information on an affected device. network low complexity cisco	6.5