Vulnerabilities (CVE)

Vendor filter

Cisco Subscribe

Filter

4168 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-1886 1 Cisco 2 Web Security Appliance, Asyncos 2019-10-09 5.0
A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Secure...
CVE-2019-1885 1 Cisco 1 Unified Computing System 2019-10-09 9.0
A vulnerability in the Redfish protocol of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The vulnerability is due to...
CVE-2019-1884 1 Cisco 2 Web Security Appliance, Asyncos 2019-10-09 4.0
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is...
CVE-2019-1883 1 Cisco 1 Unified Computing System 2019-10-09 7.2
A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges....
CVE-2019-1882 1 Cisco 1 Industrial Network Director 2019-10-09 3.5
A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. The vulnerability is due to improper validation of content submitted to the affected...
CVE-2019-1881 1 Cisco 1 Industrial Network Director 2019-10-09 6.8
A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected...
CVE-2019-1879 1 Cisco 2 Integrated Management Controller, Unified Computing System 2019-10-09 7.2
A vulnerability in the CLI of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient validation of...
CVE-2019-1876 1 Cisco 1 Wide Area Application Services 2019-10-09 5.0
A vulnerability in the HTTPS proxy feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote attacker to use the Central Manager as an HTTPS proxy. The vulnerability is due to insufficient...
CVE-2019-1875 1 Cisco 1 Prime Service Catalog 2019-10-09 3.5
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due...
CVE-2019-1873 1 Cisco 5 Asa 5506-x Firmware, Asa 5506h-x Firmware, Asa 5506w-x Firmware and 2 more 2019-10-09 7.8
A vulnerability in the cryptographic driver for Cisco Adaptive Security Appliance Software (ASA) and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reboot unexpectedly. The...
CVE-2019-1872 1 Cisco 1 Telepresence Video Communication Server 2019-10-09 5.0
A vulnerability in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Series software could allow an unauthenticated, remote attacker to cause an affected system to send arbitrary network requests. The vulnerability is due...
CVE-2019-1871 1 Cisco 1 Unified Computing System 2019-10-09 9.0
A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and implement arbitrary commands with root...
CVE-2019-1870 1 Cisco 1 Enterprise Chat And Email 2019-10-09 4.3
A vulnerability in the web-based management interface of Cisco Enterprise Chat and Email (ECE) Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management...
CVE-2019-1869 1 Cisco 1 Staros 2019-10-09 5.0
A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in...
CVE-2019-1868 1 Cisco 1 Webex Meetings Server 2019-10-09 5.0
A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to access sensitive system information. The vulnerability is due to improper access control to files within the...
CVE-2019-1865 1 Cisco 1 Unified Computing System 2019-10-09 9.0
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected...
CVE-2019-1864 1 Cisco 1 Unified Computing System 2019-10-09 9.0
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected...
CVE-2019-1863 1 Cisco 1 Unified Computing System 2019-10-09 9.0
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to make unauthorized changes to the system configuration. The vulnerability is due to...
CVE-2019-1858 1 Cisco 1 Nx-os 2019-10-09 5.0
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which...
CVE-2019-1855 1 Cisco 1 Jabber 2019-10-09 9.3
A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. To exploit this vulnerability, the attacker would need to...