Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-16 | CVE-2019-15244 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Spa112 Firmware and Spa122 Firmware Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. | 5.2 |
| 2019-10-16 | CVE-2019-15243 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Spa112 Firmware and Spa122 Firmware Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. | 5.2 |
| 2019-10-16 | CVE-2019-15242 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Spa112 Firmware and Spa122 Firmware Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. | 5.2 |
| 2019-10-16 | CVE-2019-15241 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Spa112 Firmware and Spa122 Firmware Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. | 5.2 |
| 2019-10-16 | CVE-2019-15240 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Spa112 Firmware and Spa122 Firmware Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. | 5.2 |
| 2019-10-16 | CVE-2019-12718 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. | 4.3 |
| 2019-10-16 | CVE-2019-12708 | Information Exposure vulnerability in Cisco Spa112 Firmware and Spa122 Firmware A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to access sensitive information on an affected device. | 4.0 |
| 2019-10-16 | CVE-2019-12705 | Cross-site Scripting vulnerability in Cisco Telepresence Video Communication Server A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 4.3 |
| 2019-10-16 | CVE-2019-12704 | Path Traversal vulnerability in Cisco Spa112 Firmware and Spa122 Firmware A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to view the contents of arbitrary files on an affected device. | 4.0 |
| 2019-10-16 | CVE-2019-12636 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 6.8 |