Vulnerabilities (CVE)

Vendor filter

Cisco Subscribe

Filter

4168 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-1975 1 Cisco 5 Hyperflex Hx220c Af M5 Firmware, Hyperflex Hx220c Edge M5 Firmware, Hyperflex Hx220c M5 Firmware and 2 more 2019-10-09 4.3
A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device. This vulnerability is due to insufficient HTML iframe...
CVE-2019-1974 1 Cisco 3 Integrated Management Controller Supervisor, Ucs Director, Ucs Director Express For Big Data 2019-10-09 10.0
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass user...
CVE-2019-1970 1 Cisco 2 Firepower Management Center, Firepower Threat Defense 2019-10-09 5.0
A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on...
CVE-2019-1969 1 Cisco 1 Nx-os 2019-10-09 5.0
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even...
CVE-2019-1968 1 Cisco 1 Nx-os 2019-10-09 5.0
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a...
CVE-2019-1967 1 Cisco 1 Nx-os 2019-10-09 7.8
A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of...
CVE-2019-1966 1 Cisco 2 Unified Computing System, Nx-os 2019-10-09 7.2
A vulnerability in a specific CLI command within the local management (local-mgmt) context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device....
CVE-2019-1965 1 Cisco 1 Nx-os 2019-10-09 4.0
A vulnerability in the Virtual Shell (VSH) session management for Cisco NX-OS Software could allow an authenticated, remote attacker to cause a VSH process to fail to delete upon termination. This can lead to a build-up of VSH processes that...
CVE-2019-1964 1 Cisco 1 Nx-os 2019-10-09 7.8
A vulnerability in the IPv6 traffic processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an unexpected restart of the netstack process on an affected device. The vulnerability is due to improper validation...
CVE-2019-1963 1 Cisco 1 Nx-os 2019-10-09 6.8
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart...
CVE-2019-1962 1 Cisco 1 Nx-os 2019-10-09 7.8
A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. The...
CVE-2019-1958 1 Cisco 1 Hyperflex Hx Data Platform 2019-10-09 6.8
A vulnerability in the web-based management interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to...
CVE-2019-1955 1 Cisco 1 Email Security Appliance Firmware 2019-10-09 5.0
A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The...
CVE-2019-1954 1 Cisco 1 Webex Meetings Server 2019-10-09 5.8
A vulnerability in the web-based management interface of Cisco Webex Meetings Server Software could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of...
CVE-2019-1951 1 Cisco 1 Sd-wan Firmware 2019-10-09 5.0
A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected...
CVE-2019-1949 1 Cisco 1 Firepower Management Center 2019-10-09 3.5
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an...
CVE-2019-1945 1 Cisco 1 Adaptive Security Appliance Software 2019-10-09 4.6
Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being...
CVE-2019-1944 1 Cisco 1 Adaptive Security Appliance Software 2019-10-09 4.4
Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being...
CVE-2019-1943 1 Cisco 57 Sf200-24 Firmware, Sf200-24fp Firmware, Sf200-24p Firmware and 54 more 2019-10-09 5.8
A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input...
CVE-2019-1942 1 Cisco 1 Identity Services Engine 2019-10-09 4.0
A vulnerability in the sponsor portal web interface for Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due...