Vulnerabilities (CVE)

Vendor filter

Cisco Subscribe

Filter

3772 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-1655 1 Cisco 1 Webex Meetings Server 2019-02-19 4.3
A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected...
CVE-2018-15395 1 Cisco 1 Wireless Lan Controller Software 2019-02-19 2.7
A vulnerability in the authentication and authorization checking mechanisms of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, adjacent attacker to gain network access to a Cisco TrustSec domain. Under normal...
CVE-2018-0378 1 Cisco 1 Nx-os 2019-02-15 7.8
A vulnerability in the Precision Time Protocol (PTP) feature of Cisco Nexus 5500, 5600, and 6000 Series Switches running Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an...
CVE-2019-1669 1 Cisco 1 Firepower Threat Defense 2019-02-15 5.0
A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies or cause a denial of service (DoS) condition....
CVE-2019-1668 1 Cisco 1 Socialminer 2019-02-15 4.3
A vulnerability in the chat feed feature of Cisco SocialMiner could allow an unauthenticated, remote attacker to perform cross-site scripting (XSS) attacks against a user of the web-based user interface of an affected system. This vulnerability...
CVE-2019-1658 1 Cisco 1 Unified Intelligence Center 2019-02-15 4.3
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device....
CVE-2019-1645 1 Cisco 1 Connected Mobile Experiences 2019-02-15 3.3
A vulnerability in the Cisco Connected Mobile Experiences (CMX) software could allow an unauthenticated, adjacent attacker to access sensitive data on an affected device. The vulnerability is due to a lack of input and validation checking...
CVE-2018-0187 1 Cisco 1 Identity Services Engine 2019-02-15 4.0
A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain confidential information for privileged accounts. The vulnerability is due to the improper handling of...
CVE-2019-1650 1 Cisco 7 Vbond Orchestrator, Vmanage Network Management, Vsmart Controller and 4 more 2019-02-15 9.0
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save...
CVE-2019-1647 1 Cisco 1 Vsmart Controller 2019-02-15 7.7
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent attacker to bypass authentication and have direct unauthorized access to other vSmart containers. The vulnerability is due to an insecure default configuration of...
CVE-2019-1646 1 Cisco 7 Vbond Orchestrator, Vmanage Network Management, Vsmart Controller and 4 more 2019-02-15 7.2
A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for...
CVE-2019-1648 1 Cisco 7 Vbond Orchestrator, Vmanage Network Management, Vsmart Controller and 4 more 2019-02-15 7.2
A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain...
CVE-2018-15452 1 Cisco 1 Advanced Malware Protection For Endpoints 2019-02-15 4.6
A vulnerability in the DLL loading component of Cisco Advanced Malware Protection (AMP) for Endpoints on Windows could allow an authenticated, local attacker to disable system scanning services or take other actions to prevent detection of...
CVE-2018-15437 1 Cisco 2 Advanced Malware Protection For Endpoints, Immunet For Endpoints 2019-02-15 2.1
A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could...
CVE-2019-1652 1 Cisco 2 Rv320 Firmware, Rv325 Firmware 2019-02-15 9.0
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary...
CVE-2019-1653 1 Cisco 2 Rv320 Firmware, Rv325 Firmware 2019-02-15 5.0
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper...
CVE-2018-15464 1 Cisco 1 Asr 900 Series Software 2019-02-15 5.0
A vulnerability in Cisco 900 Series Aggregation Services Router (ASR) software could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient...
CVE-2019-1673 1 Cisco 1 Identity Services Engine 2019-02-15 3.5
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The...
CVE-2019-1671 1 Cisco 1 Firepower Management Center 2019-02-14 4.3
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface...
CVE-2018-0449 1 Cisco 1 Jabber 2019-02-14 3.3
A vulnerability in the Cisco Jabber Client Framework (JCF) software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on an affected device that has elevated privileges....