Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-17 | CVE-2019-1940 | Improper Certificate Validation vulnerability in Cisco Industrial Network Director A vulnerability in the Web Services Management Agent (WSMA) feature of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate. | 4.3 |
| 2019-07-17 | CVE-2019-1923 | Improper Input Validation vulnerability in Cisco products A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. | 4.6 |
| 2019-07-17 | CVE-2019-1920 | Unspecified vulnerability in Cisco products A vulnerability in the 802.11r Fast Transition (FT) implementation for Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected interface. low complexity cisco | 6.1 |
| 2019-07-06 | CVE-2019-1933 | Improper Input Validation vulnerability in Cisco Email Security Appliance 11.1.2023 A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. | 4.3 |
| 2019-07-06 | CVE-2019-1931 | Cross-site Scripting vulnerability in Cisco Firepower Management Center Multiple vulnerabilities in the RSS dashboard in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2019-07-06 | CVE-2019-1930 | Cross-site Scripting vulnerability in Cisco Firepower Management Center Multiple vulnerabilities in the RSS dashboard in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2019-07-06 | CVE-2019-1921 | Improper Input Validation vulnerability in Cisco Email Security Appliance 12.0.0419 A vulnerability in the attachment scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. | 5.0 |
| 2019-07-06 | CVE-2019-1911 | Containment Errors (Container Errors) vulnerability in Cisco Hosted Collaboration Solution A vulnerability in the CLI of Cisco Unified Communications Domain Manager (Cisco Unified CDM) Software could allow an authenticated, local attacker to escape the restricted shell. | 4.6 |
| 2019-07-06 | CVE-2019-1909 | Improper Input Validation vulnerability in Cisco IOS XR A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. | 4.3 |
| 2019-07-06 | CVE-2019-1892 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device. | 5.0 |