Skip to main content

Cisco

5526 CVEs vendor

Monthly

CVE-2019-1758 MEDIUM PATCH This Month

A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Cisco Apple iOS
NVD
CVSS 3.0
4.3
EPSS
0.6%
CVE-2019-1757 MEDIUM This Month

A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Apple Information Disclosure iOS Ios Xe
NVD
CVSS 3.1
5.9
EPSS
1.1%
CVE-2019-1756 HIGH PATCH This Week

A vulnerability in Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Cisco Apple Information Disclosure iOS Ios Xe
NVD
CVSS 3.0
7.2
EPSS
3.8%
CVE-2019-1755 HIGH PATCH This Week

A vulnerability in the Web Services Management Agent (WSMA) function of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary Cisco IOS commands as a privilege. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Cisco Apple Information Disclosure Ios Xe
NVD
CVSS 3.0
7.2
EPSS
3.5%
CVE-2019-1754 HIGH PATCH This Week

A vulnerability in the authorization subsystem of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to run privileged Cisco IOS commands by using the web. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Cisco Apple Information Disclosure Ios Xe
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2019-1753 HIGH PATCH This Week

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to run privileged Cisco IOS commands by using the web UI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Cisco Apple Information Disclosure Ios Xe
NVD
CVSS 3.0
8.8
EPSS
3.8%
CVE-2019-1752 HIGH PATCH This Week

A vulnerability in the ISDN functions of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple iOS Ios Xe
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-1751 HIGH PATCH This Week

A vulnerability in the Network Address Translation 64 (NAT64) functions of Cisco IOS Software could allow an unauthenticated, remote attacker to cause either an interface queue wedge or a device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple iOS
NVD
CVSS 3.0
7.5
EPSS
2.5%
CVE-2019-1750 HIGH PATCH This Week

A vulnerability in the Easy Virtual Switching System (VSS) of Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an unauthenticated, adjacent attacker to cause the switches to reload. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Cisco Apple Ios Xe
NVD
CVSS 3.0
7.4
EPSS
0.7%
CVE-2019-1749 HIGH PATCH This Week

A vulnerability in the ingress traffic validation of Cisco IOS XE Software for Cisco Aggregation Services Router (ASR) 900 Route Switch Processor 3 (RSP3) could allow an unauthenticated, adjacent. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Cisco Apple Ios Xe
NVD
CVSS 3.1
7.4
EPSS
0.6%
CVE-2019-1748 HIGH PATCH This Week

A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Cisco Apple Information Disclosure iOS +1
NVD
CVSS 3.1
7.4
EPSS
1.2%
CVE-2019-1747 HIGH PATCH This Week

A vulnerability in the implementation of the Short Message Service (SMS) handling functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple iOS Ios Xe
NVD
CVSS 3.1
8.6
EPSS
2.4%
CVE-2019-1746 MEDIUM PATCH This Month

A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Cisco Apple iOS Ios Xe
NVD
CVSS 3.0
6.5
EPSS
0.6%
CVE-2019-1745 HIGH PATCH This Week

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Cisco Apple Command Injection Ios Xe
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-1743 HIGH PATCH This Week

A vulnerability in the web UI framework of Cisco IOS XE Software could allow an authenticated, remote attacker to make unauthorized changes to the filesystem of the affected device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Cisco Apple Ios Xe
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2019-1742 MEDIUM PATCH This Month

A vulnerability in the web UI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access sensitive configuration information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Cisco Apple Information Disclosure Ios Xe
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-1741 HIGH PATCH This Week

A vulnerability in the Cisco Encrypted Traffic Analytics (ETA) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple Ios Xe
NVD
CVSS 3.1
7.5
EPSS
2.8%
CVE-2019-1740 HIGH PATCH This Week

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple Ios Xe iOS
NVD
CVSS 3.1
8.6
EPSS
2.2%
CVE-2019-1739 HIGH PATCH This Week

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple iOS Ios Xe
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-1738 HIGH PATCH This Week

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple iOS Ios Xe
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-1737 HIGH PATCH This Week

A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Cisco Apple Ios Xe iOS
NVD
CVSS 3.1
8.6
EPSS
2.6%
CVE-2019-1766 HIGH This Week

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Ip Phone 8800 Firmware
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2019-1765 MEDIUM This Month

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Cisco Ip Phone 8821 Firmware Ip Phone 8821 Ex Firmware Ip Conference Phone 8832 Firmware +1
NVD
CVSS 3.0
6.5
EPSS
1.4%
CVE-2019-1764 HIGH This Week

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Ip Phone 8821 Firmware Ip Phone 8821 Ex Firmware Ip Conference Phone 8832 Firmware +1
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2019-1763 HIGH This Week

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Cisco Ip Phone 8821 Firmware Ip Phone 8821 Ex Firmware +2
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2019-1716 CRITICAL Act Now

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco RCE Ip Phone 8821 Firmware Ip Phone 8821 Ex Firmware +3
NVD
CVSS 3.0
9.8
EPSS
3.1%
CVE-2019-1723 CRITICAL PATCH Act Now

A vulnerability in the Cisco Common Services Platform Collector (CSPC) could allow an unauthenticated, remote attacker to access an affected device by using an account that has a default, static. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Cisco Common Services Platform Collector
NVD
CVSS 3.1
9.8
EPSS
5.8%
CVE-2019-1707 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Catalyst Center
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2019-1702 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Enterprise Chat And Email
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2019-1690 MEDIUM This Month

A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Application Policy Infrastructure Controller
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2019-1618 HIGH This Week

A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to execute arbitrary code as root. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco RCE Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-1617 HIGH POC This Week

A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port Virtualization (NPV) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 3.0
7.4
EPSS
1.5%
CVE-2019-1616 HIGH This Week

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Cisco Nx Os
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2019-1615 MEDIUM This Month

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Cisco Information Disclosure Nx Os
NVD
CVSS 3.0
6.7
EPSS
0.2%
CVE-2019-1614 HIGH This Week

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2019-1613 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1612 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.0
6.7
EPSS
0.5%
CVE-2019-1611 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os Fx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1610 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1609 MEDIUM PATCH This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.9%
CVE-2019-1608 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1607 MEDIUM PATCH This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1606 HIGH PATCH This Week

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-1605 HIGH PATCH This Week

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary code as root. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Cisco RCE Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-1604 HIGH PATCH This Week

A vulnerability in the user account management interface of Cisco NX-OS Software could allow an authenticated, local attacker to gain elevated privileges on an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Cisco Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-1603 HIGH PATCH This Week

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to escalate lower-level privileges to the administrator level. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Cisco Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-1602 HIGH PATCH This Week

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Cisco Information Disclosure Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-1601 HIGH PATCH This Week

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to gain read and write access to a critical configuration file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Cisco Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-1600 MEDIUM PATCH This Month

A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive information that is stored in the file. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Privilege Escalation Cisco Firepower Extensible Operating System Nx Os
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2019-1599 HIGH PATCH This Week

A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft VMware Cisco Nx Os
NVD
CVSS 3.1
8.6
EPSS
14.2%
CVE-2019-1598 HIGH PATCH This Week

Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Firepower Extensible Operating System Nx Os
NVD
CVSS 3.0
7.5
EPSS
2.5%
CVE-2019-1597 HIGH PATCH This Week

Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Firepower Extensible Operating System Nx Os
NVD
CVSS 3.0
7.5
EPSS
2.5%
CVE-2019-1596 HIGH PATCH This Week

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Cisco Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-1595 MEDIUM PATCH This Month

A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Cisco Nx Os
NVD
CVSS 3.0
6.5
EPSS
0.6%
CVE-2019-1594 HIGH PATCH This Week

A vulnerability in the 802.1X implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Denial Of Service Cisco VMware Nx Os
NVD
CVSS 3.0
7.4
EPSS
0.8%
CVE-2019-1593 HIGH PATCH This Week

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Cisco Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-1591 HIGH PATCH This Week

A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escape a restricted shell on an affected. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Cisco Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-1588 MEDIUM PATCH This Month

A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running in Application-Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Authentication Bypass Cisco Nx Os
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-1585 HIGH This Week

A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nx Os Application Policy Infrastructure Controller Software
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2019-1674 HIGH POC THREAT This Week

A vulnerability in the update service of Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools for Windows could allow an authenticated, local attacker to execute arbitrary commands as. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Command Injection Cisco Webex Meetings Webex Meetings Online +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
10.8%
CVE-2019-1663 CRITICAL POC THREAT Emergency

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Cisco RCE Rv110W Firmware Rv130W Firmware +1
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
95.7%
CVE-2019-1689 HIGH POC This Week

A vulnerability in the client application for iOS of Cisco Webex Teams could allow an authenticated, remote attacker to upload arbitrary files within the scope of the iOS application. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Cisco Apple Webex Teams
NVD
CVSS 3.1
7.3
EPSS
1.6%
CVE-2019-1683 HIGH This Week

A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Information Disclosure Spa112 Firmware Spa525 Firmware Spa5X5 Firmware +11
NVD
CVSS 3.1
7.4
EPSS
0.9%
CVE-2019-1700 MEDIUM This Month

A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID:. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Cisco Firepower 9000 Firmware
NVD
CVSS 3.0
6.1
EPSS
0.5%
CVE-2019-1698 MEDIUM This Month

A vulnerability in the web-based user interface of Cisco Internet of Things Field Network Director (IoT-FND) Software could allow an authenticated, remote attacker to gain read access to information. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Cisco Iot Field Network Director
NVD
CVSS 3.0
4.9
EPSS
3.1%
CVE-2019-1691 MEDIUM This Month

A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause the unexpected restart of the SNORT detection engine,. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense
NVD
CVSS 3.1
5.8
EPSS
2.3%
CVE-2019-1685 MEDIUM This Month

A vulnerability in the Security Assertion Markup Language (SAML) single sign-on (SSO) interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unity Connection
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-1684 MEDIUM This Month

A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Ip Phone 8800 Firmware Ip Phone 7800 Firmware Ip Conference Phone 7832 Firmware +11
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2019-1681 HIGH This Week

A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could allow an unauthenticated, remote attacker to retrieve arbitrary files from the targeted device,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Cisco Apple Information Disclosure Ios Xr
NVD
CVSS 3.1
7.5
EPSS
6.3%
CVE-2019-1667 LOW Monitor

A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an authenticated, local attacker to write arbitrary data to the Graphite interface. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Hyperflex Hx Data Platform
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2019-1666 MEDIUM This Month

A vulnerability in the Graphite service of Cisco HyperFlex software could allow an unauthenticated, remote attacker to retrieve data from the Graphite service. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Hyperflex Hx Data Platform
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-1665 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Hyperflex Hx Data Platform
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2019-1664 HIGH This Week

A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Hyperflex Hx Data Platform
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-1662 CRITICAL Act Now

A vulnerability in the Quality of Voice Reporting (QOVR) service of Cisco Prime Collaboration Assurance (PCA) Software could allow an unauthenticated, remote attacker to access the system as a valid. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Prime Collaboration Assurance
NVD
CVSS 3.0
9.1
EPSS
1.8%
CVE-2019-1659 HIGH This Week

A vulnerability in the Identity Services Engine (ISE) integration feature of Cisco Prime Infrastructure (PI) could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Information Disclosure Prime Infrastructure
NVD
CVSS 3.0
7.4
EPSS
0.8%
CVE-2019-1688 HIGH This Week

A vulnerability in the management web interface of Cisco Network Assurance Engine (NAE) could allow an unauthenticated, local attacker to gain unauthorized access or cause a Denial of Service (DoS). Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Cisco Network Assurance Engine
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2019-1676 HIGH This Week

A vulnerability in the Session Initiation Protocol (SIP) call processing of Cisco Meeting Server (CMS) software could allow an unauthenticated, remote attacker to cause a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Meeting Server
NVD
CVSS 3.0
7.5
EPSS
1.8%
CVE-2019-1672 MEDIUM This Month

A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Web Security Appliance
NVD
CVSS 3.0
5.8
EPSS
1.6%
CVE-2019-1673 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Identity Services Engine
NVD
CVSS 3.0
5.4
EPSS
0.8%
CVE-2019-1671 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Secure Firewall Management Center
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2019-1670 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Intelligence Center
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2019-1661 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Telepresence Management Suite
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2019-1680 MEDIUM This Month

A vulnerability in Cisco Webex Business Suite could allow an unauthenticated, remote attacker to inject arbitrary text into a user's browser. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Cisco Webex Business Suite Webex Meetings Online
NVD
CVSS 3.1
4.3
EPSS
1.4%
CVE-2019-1679 MEDIUM This Month

A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Cisco Telepresence Video Communication Server Telepresence Conductor
NVD
CVSS 3.1
5.0
EPSS
2.1%
CVE-2019-1660 MEDIUM This Month

A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to gain unauthorized access to an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Telepresence Management Suite
NVD
CVSS 3.0
5.3
EPSS
2.2%
CVE-2019-1678 MEDIUM This Month

A vulnerability in Cisco Meeting Server could allow an authenticated, remote attacker to cause a partial denial of service (DoS) to Cisco Meetings application users who are paired with a Session. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Meeting Server
NVD
CVSS 3.1
4.3
EPSS
1.4%
CVE-2019-1675 HIGH This Week

A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Cisco Information Disclosure Aironet Active Sensor +1
NVD
CVSS 3.0
7.5
EPSS
2.6%
CVE-2019-1677 MEDIUM This Month

A vulnerability in Cisco Webex Meetings for Android could allow an unauthenticated, local attacker to perform a cross-site scripting attack against the application. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

XSS Cisco Google Webex Meetings
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2019-1669 HIGH This Week

A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense
NVD
CVSS 3.0
8.6
EPSS
1.2%
CVE-2019-1668 MEDIUM This Month

A vulnerability in the chat feed feature of Cisco SocialMiner could allow an unauthenticated, remote attacker to perform cross-site scripting (XSS) attacks against a user of the web-based user. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Socialminer
NVD
CVSS 3.1
6.1
EPSS
1.3%
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Cisco Apple +1
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Apple Information Disclosure +2
NVD
EPSS 4% CVSS 7.2
HIGH PATCH This Week

A vulnerability in Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands on the underlying Linux shell of an affected device with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Cisco Apple Information Disclosure +2
NVD
EPSS 3% CVSS 7.2
HIGH PATCH This Week

A vulnerability in the Web Services Management Agent (WSMA) function of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary Cisco IOS commands as a privilege. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Cisco Apple Information Disclosure +1
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

A vulnerability in the authorization subsystem of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to run privileged Cisco IOS commands by using the web. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Cisco Apple Information Disclosure +1
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to run privileged Cisco IOS commands by using the web UI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Cisco Apple Information Disclosure +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A vulnerability in the ISDN functions of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple +2
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A vulnerability in the Network Address Translation 64 (NAT64) functions of Cisco IOS Software could allow an unauthenticated, remote attacker to cause either an interface queue wedge or a device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple +1
NVD
EPSS 1% CVSS 7.4
HIGH PATCH This Week

A vulnerability in the Easy Virtual Switching System (VSS) of Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an unauthenticated, adjacent attacker to cause the switches to reload. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Cisco Apple +1
NVD
EPSS 1% CVSS 7.4
HIGH PATCH This Week

A vulnerability in the ingress traffic validation of Cisco IOS XE Software for Cisco Aggregation Services Router (ASR) 900 Route Switch Processor 3 (RSP3) could allow an unauthenticated, adjacent. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Cisco Apple +1
NVD
EPSS 1% CVSS 7.4
HIGH PATCH This Week

A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Cisco Apple +3
NVD
EPSS 2% CVSS 8.6
HIGH PATCH This Week

A vulnerability in the implementation of the Short Message Service (SMS) handling functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Cisco Apple +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Cisco Apple Command Injection +1
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

A vulnerability in the web UI framework of Cisco IOS XE Software could allow an authenticated, remote attacker to make unauthorized changes to the filesystem of the affected device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Cisco Apple +1
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

A vulnerability in the web UI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access sensitive configuration information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Cisco Apple Information Disclosure +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A vulnerability in the Cisco Encrypted Traffic Analytics (ETA) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple +1
NVD
EPSS 2% CVSS 8.6
HIGH PATCH This Week

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple +2
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple +2
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Apple +2
NVD
EPSS 3% CVSS 8.6
HIGH PATCH This Week

A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Cisco Apple +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Ip Phone 8800 Firmware
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Cisco Ip Phone 8821 Firmware +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Ip Phone 8821 Firmware +3
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Cisco +4
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco RCE +5
NVD
EPSS 6% CVSS 9.8
CRITICAL PATCH Act Now

A vulnerability in the Cisco Common Services Platform Collector (CSPC) could allow an unauthenticated, remote attacker to access an affected device by using an account that has a default, static. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Cisco Common Services Platform Collector
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Catalyst Center
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Enterprise Chat And Email
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Application Policy Infrastructure Controller
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to execute arbitrary code as root. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco RCE Nx Os
NVD
EPSS 1% CVSS 7.4
HIGH POC This Week

A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port Virtualization (NPV) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Cisco Nx Os
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Cisco +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Cisco Information Disclosure +1
NVD
EPSS 4% CVSS 8.8
HIGH This Week

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
EPSS 1% CVSS 6.7
MEDIUM PATCH This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Cisco Command Injection Nx Os
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Cisco Command Injection Nx Os
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Cisco Command Injection Nx Os
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary code as root. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Cisco RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A vulnerability in the user account management interface of Cisco NX-OS Software could allow an authenticated, local attacker to gain elevated privileges on an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Cisco Nx Os
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to escalate lower-level privileges to the administrator level. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Cisco Nx Os
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Cisco Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to gain read and write access to a critical configuration file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Cisco Nx Os
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive information that is stored in the file. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Privilege Escalation Cisco Firepower Extensible Operating System +1
NVD
EPSS 14% CVSS 8.6
HIGH PATCH This Week

A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft VMware +2
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Firepower Extensible Operating System +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Cisco Firepower Extensible Operating System +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Cisco Nx Os
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS). Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Cisco Nx Os
NVD
EPSS 1% CVSS 7.4
HIGH PATCH This Week

A vulnerability in the 802.1X implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Denial Of Service Cisco +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Cisco Nx Os
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escape a restricted shell on an affected. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Cisco Nx Os
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running in Application-Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Authentication Bypass Cisco Nx Os
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nx Os +1
NVD
EPSS 11% CVSS 8.8
HIGH POC THREAT This Week

A vulnerability in the update service of Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools for Windows could allow an authenticated, local attacker to execute arbitrary commands as. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Command Injection Cisco +3
NVD Exploit-DB
EPSS 96% CVSS 9.8
CRITICAL POC THREAT Emergency

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Cisco RCE +3
NVD Exploit-DB
EPSS 2% CVSS 7.3
HIGH POC This Week

A vulnerability in the client application for iOS of Cisco Webex Teams could allow an authenticated, remote attacker to upload arbitrary files within the scope of the iOS application. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Cisco Apple +1
NVD
EPSS 1% CVSS 7.4
HIGH This Week

A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Information Disclosure Spa112 Firmware +13
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID:. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Cisco Firepower 9000 Firmware
NVD
EPSS 3% CVSS 4.9
MEDIUM This Month

A vulnerability in the web-based user interface of Cisco Internet of Things Field Network Director (IoT-FND) Software could allow an authenticated, remote attacker to gain read access to information. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Cisco Iot Field Network Director
NVD
EPSS 2% CVSS 5.8
MEDIUM This Month

A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause the unexpected restart of the SNORT detection engine,. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the Security Assertion Markup Language (SAML) single sign-on (SSO) interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unity Connection
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Ip Phone 8800 Firmware +13
NVD
EPSS 6% CVSS 7.5
HIGH This Week

A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could allow an unauthenticated, remote attacker to retrieve arbitrary files from the targeted device,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Cisco Apple +2
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an authenticated, local attacker to write arbitrary data to the Graphite interface. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Hyperflex Hx Data Platform
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

A vulnerability in the Graphite service of Cisco HyperFlex software could allow an unauthenticated, remote attacker to retrieve data from the Graphite service. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Hyperflex Hx Data Platform
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Hyperflex Hx Data Platform
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Hyperflex Hx Data Platform
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

A vulnerability in the Quality of Voice Reporting (QOVR) service of Cisco Prime Collaboration Assurance (PCA) Software could allow an unauthenticated, remote attacker to access the system as a valid. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Prime Collaboration Assurance
NVD
EPSS 1% CVSS 7.4
HIGH This Week

A vulnerability in the Identity Services Engine (ISE) integration feature of Cisco Prime Infrastructure (PI) could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Information Disclosure Prime Infrastructure
NVD
EPSS 0% CVSS 7.1
HIGH This Week

A vulnerability in the management web interface of Cisco Network Assurance Engine (NAE) could allow an unauthenticated, local attacker to gain unauthorized access or cause a Denial of Service (DoS). Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Cisco +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability in the Session Initiation Protocol (SIP) call processing of Cisco Meeting Server (CMS) software could allow an unauthenticated, remote attacker to cause a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Meeting Server
NVD
EPSS 2% CVSS 5.8
MEDIUM This Month

A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Web Security Appliance
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Identity Services Engine
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Secure Firewall Management Center
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Unified Intelligence Center
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Telepresence Management Suite
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A vulnerability in Cisco Webex Business Suite could allow an unauthenticated, remote attacker to inject arbitrary text into a user's browser. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Cisco Webex Business Suite +1
NVD
EPSS 2% CVSS 5.0
MEDIUM This Month

A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Cisco Telepresence Video Communication Server +1
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to gain unauthorized access to an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Telepresence Management Suite
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A vulnerability in Cisco Meeting Server could allow an authenticated, remote attacker to cause a partial denial of service (DoS) to Cisco Meetings application users who are paired with a Session. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Meeting Server
NVD
EPSS 3% CVSS 7.5
HIGH This Week

A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Cisco +3
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

A vulnerability in Cisco Webex Meetings for Android could allow an unauthenticated, local attacker to perform a cross-site scripting attack against the application. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

XSS Cisco Google +1
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firepower Threat Defense
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the chat feed feature of Cisco SocialMiner could allow an unauthenticated, remote attacker to perform cross-site scripting (XSS) attacks against a user of the web-based user. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Socialminer
NVD
Prev Page 31 of 62 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy