Vulnerabilities (CVE)

Vendor filter

Cisco Subscribe

Filter

183 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-12676 1 Cisco 1 Firepower Threat Defense 2019-10-10 3.3
A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an...
CVE-2019-1949 1 Cisco 1 Firepower Management Center 2019-10-09 3.5
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an...
CVE-2019-1890 1 Cisco 1 Application Policy Infrastructure Controller 2019-10-09 3.3
A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security...
CVE-2019-1882 1 Cisco 1 Industrial Network Director 2019-10-09 3.5
A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. The vulnerability is due to improper validation of content submitted to the affected...
CVE-2019-1875 1 Cisco 1 Prime Service Catalog 2019-10-09 3.5
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due...
CVE-2019-1835 1 Cisco 1 Aironet Access Point Firmware 2019-10-09 2.1
A vulnerability in the CLI of Cisco Aironet Access Points (APs) could allow an authenticated, local attacker to access sensitive information stored in an AP. The vulnerability is due to improper sanitization of user-supplied input in specific CLI...
CVE-2019-1834 1 Cisco 1 Aironet Access Point Firmware 2019-10-09 3.3
A vulnerability in the internal packet processing of Cisco Aironet Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected AP if the switch interface where the AP is...
CVE-2019-1808 1 Cisco 1 Nx-os 2019-10-09 2.1
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability...
CVE-2019-1805 1 Cisco 1 Wireless Lan Controller Software 2019-10-09 3.3
A vulnerability in certain access control mechanisms for the Secure Shell (SSH) server implementation for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affected...
CVE-2019-1802 1 Cisco 1 Firepower Management Center 2019-10-09 3.5
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of...
CVE-2019-1794 1 Cisco 1 Meeting Server 2019-10-09 3.6
A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. The vulnerability is due to uncontrolled search path elements. An attacker could exploit...
CVE-2019-1777 1 Cisco 1 Registered Envelope Service 2019-10-09 3.5
A vulnerability in the web-based interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against another user of the service. The vulnerability is due to...
CVE-2019-1733 1 Cisco 1 Nx-os 2019-10-09 3.5
A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the NX-API Sandbox interface of an affected device....
CVE-2019-1725 1 Cisco 1 Unified Computing System 2019-10-09 3.6
A vulnerability in the local management CLI implementation for specific commands on the Cisco UCS B-Series Blade Servers could allow an authenticated, local attacker to overwrite an arbitrary file on disk. It is also possible the attacker could...
CVE-2019-1719 1 Cisco 1 Identity Services Engine 2019-10-09 3.5
A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The...
CVE-2019-1707 1 Cisco 1 Dna Center 2019-10-09 3.5
A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The...
CVE-2019-1701 1 Cisco 2 Adaptive Security Appliance Software, Firepower Threat Defense 2019-10-09 3.5
Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack...
CVE-2019-1690 1 Cisco 1 Application Policy Infrastructure Controller 2019-10-09 3.3
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a...
CVE-2019-1677 1 Cisco 1 Webex Meetings 2019-10-09 1.9
A vulnerability in Cisco Webex Meetings for Android could allow an unauthenticated, local attacker to perform a cross-site scripting attack against the application. The vulnerability is due to insufficient validation of the application input...
CVE-2019-1673 1 Cisco 1 Identity Services Engine 2019-10-09 3.5
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The...