Vulnerabilities (CVE)

Vendor filter

Cisco Subscribe

Filter

4168 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-12707 1 Cisco 3 Unified Communications Manager, Unified Communications Manager Im And Presence Service, Unity Connection 2019-10-11 4.3
A vulnerability in the web-based interface of multiple Cisco Unified Communications products could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected...
CVE-2019-12700 1 Cisco 4 Firepower Management Center, Firepower Threat Defense, Firepower 9300 Firmware and 1 more 2019-10-11 6.8
A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated,...
CVE-2019-12701 1 Cisco 1 Firepower Management Center 2019-10-10 5.0
A vulnerability in the file and malware inspection feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass the file and malware inspection policies on an affected system. The...
CVE-2019-15259 1 Cisco 1 Unified Contact Center Express 2019-10-10 4.3
A vulnerability in Cisco Unified Contact Center Express (UCCX) Software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. The vulnerability is due to insufficient input validation of some parameters...
CVE-2019-15256 1 Cisco 13 Adaptive Security Appliance Software, Firepower Threat Defense, Asa 5505 Firmware and 10 more 2019-10-10 7.8
A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an...
CVE-2019-12706 1 Cisco 1 Email Security Appliance Firmware 2019-10-10 5.0
A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the configured user filters on an affected device. The...
CVE-2019-12687 1 Cisco 1 Firepower Management Center 2019-10-10 9.0
A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insufficient input validation. An attacker...
CVE-2019-12688 1 Cisco 1 Firepower Management Center 2019-10-10 9.0
A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insufficient input validation. An attacker...
CVE-2019-12689 1 Cisco 1 Firepower Management Center 2019-10-10 9.0
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. The...
CVE-2019-12690 1 Cisco 1 Firepower Management Center 2019-10-10 9.0
A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with the privileges of the root user of the underlying operating system. The...
CVE-2019-12691 1 Cisco 1 Firepower Management Center 2019-10-10 4.0
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The vulnerability is due to...
CVE-2019-12694 1 Cisco 1 Firepower Threat Defense 2019-10-10 7.2
A vulnerability in the command line interface (CLI) of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker with administrative privileges to execute commands on the underlying operating system with root...
CVE-2019-12699 1 Cisco 2 Firepower Threat Defense, Firepower 9300 Firmware 2019-10-10 7.2
Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These...
CVE-2019-12698 1 Cisco 1 Firepower Threat Defense 2019-10-10 7.8
A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device....
CVE-2019-12697 1 Cisco 1 Firepower 2019-10-10 5.0
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these...
CVE-2019-12696 1 Cisco 1 Firepower 2019-10-10 5.0
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these...
CVE-2019-12695 1 Cisco 1 Firepower Threat Defense 2019-10-10 4.3
A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack...
CVE-2019-12676 1 Cisco 1 Firepower Threat Defense 2019-10-10 3.3
A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an...
CVE-2019-1977 1 Cisco 1 Nx-os 2019-10-09 4.3
A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an...
CVE-2019-1976 1 Cisco 1 Network Level Service 2019-10-09 5.0
A vulnerability in the “plug-and-play” services component of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to...