VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,241 total · sorted by risk
  • CVE-2019-16027MedJan 26, 2020
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS–IS…

  • CVE-2019-16018MedJan 26, 2020
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a…

  • CVE-2019-15255MedJan 26, 2020
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to…

  • CVE-2019-12619MedJan 26, 2020
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An…

  • CVE-2012-0334MedJan 15, 2020
    risk 0.42cvss 6.4epss 0.00

    Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks

  • CVE-2019-16002MedNov 26, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the vManage web-based UI (web UI) of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI…

  • CVE-2019-15995MedNov 26, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web UI of Cisco DNA Spaces: Connector could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web UI does not properly validate user-supplied input. An attacker could exploit this vulnerability…

  • CVE-2019-1877MedNov 5, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the HTTP API of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to download files attached through chat sessions. The vulnerability is due to insufficient authentication mechanisms on the file download function of the API. An…

  • CVE-2019-15265MedOct 16, 2019
    risk 0.42cvss 6.5epss 0.00

    A vulnerability in the bridge protocol data unit (BPDU) forwarding functionality of Cisco Aironet Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an AP port to go into an error disabled state. The vulnerability occurs because BPDUs received from…

  • CVE-2019-15264MedOct 16, 2019
    risk 0.42cvss 6.5epss 0.00

    A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation of Cisco Aironet and Catalyst 9100 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an affected device to restart unexpectedly, resulting in a…

  • CVE-2019-15258MedOct 16, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper validation of…

  • CVE-2019-15257MedOct 16, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper restrictions on configuration…

  • CVE-2019-12708MedOct 16, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to unsafe handling of user credentials. An…

  • CVE-2019-12704MedOct 16, 2019
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to view the contents of arbitrary files on an affected device. The vulnerability is due to improper input validation in the…

  • CVE-2019-1915MedOct 2, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web-based interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM and Presence (Unified CM IM&P) Service, and Cisco Unity Connection could allow…

  • CVE-2019-15272MedOct 2, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to bypass security restrictions. The vulnerability is due to improper…

  • CVE-2019-12714MedOct 2, 2019
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the web-based management interface of Cisco IC3000 Industrial Compute Gateway could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software improperly…

  • CVE-2019-12711MedOct 2, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to access sensitive information or cause a denial of service (DoS)…

  • CVE-2019-12700MedOct 2, 2019
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of…

  • CVE-2019-12677MedOct 2, 2019
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition that prevents the creation of new SSL/Transport Layer Security (TLS)…

  • CVE-2019-1984MedAug 21, 2019
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in Cisco Enterprise Network Functions Virtualization Infrastructure Software (NFVIS) could allow an authenticated, remote attacker with administrator privileges to overwrite files on the underlying operating system (OS) of an affected device. The vulnerability is…

  • CVE-2019-1953MedAug 8, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to view a password in clear text. The vulnerability is due to incorrectly logging the admin password when a user is forced to modify the…

  • CVE-2019-1946MedAug 8, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to bypass authentication and get limited access to the web-based management interface. The vulnerability is due to an…

  • CVE-2019-1890MedJul 4, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized…

  • CVE-2019-1906MedJun 20, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the Virtual Domain system of Cisco Prime Infrastructure (PI) could allow an authenticated, remote attacker to change the virtual domain configuration, which could lead to privilege escalation. The vulnerability is due to improper validation of API requests. An…

  • CVE-2019-1903MedJun 20, 2019
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information or cause a denial of service (DoS) condition. The vulnerability is due to improper restrictions on XML entities. An attacker could exploit this vulnerability…

  • CVE-2019-1879MedJun 20, 2019
    risk 0.42cvss 6.4epss 0.00

    A vulnerability in the CLI of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient validation of user-supplied input at the CLI. An…

  • CVE-2019-1627MedJun 20, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the Server Utilities of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to gain unauthorized access to sensitive user information from the configuration data that is stored on the affected system. The vulnerability is…

  • CVE-2019-1732MedMay 15, 2019
    risk 0.42cvss 6.4epss 0.00

    A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use (TOCTOU) race condition to corrupt local variables, which could lead to…

  • CVE-2019-1695MedMay 3, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists…

  • CVE-2019-1693MedMay 3, 2019
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due…

  • CVE-2019-1841MedApr 18, 2019
    risk 0.42cvss 6.5epss 0.03

    A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-supplied input. An attacker…

  • CVE-2019-1800MedApr 18, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exist because the software improperly…

  • CVE-2019-1799MedApr 18, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exist because the software improperly…

  • CVE-2019-1796MedApr 18, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exist because the software improperly…

  • CVE-2019-1722MedApr 18, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the FindMe feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The…

  • CVE-2019-1721MedApr 18, 2019
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the phone book feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service (DoS) condition on an affected…

  • CVE-2019-1690MedMar 11, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control…

  • CVE-2019-1684MedFeb 21, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial…

  • CVE-2018-15459MedJan 23, 2019
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the administrative web interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain additional privileges on an affected device. The vulnerability is due to improper controls on certain pages in the web interface. An…

  • CVE-2018-0187MedJan 23, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain confidential information for privileged accounts. The vulnerability is due to the improper handling of confidential information. An attacker could…

  • CVE-2018-0461MedJan 10, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the Cisco IP Phone 8800 Series Software could allow an unauthenticated, remote attacker to conduct an arbitrary script injection attack on an affected device. The vulnerability exists because the software running on an affected device insufficiently validates…

  • CVE-2018-15450MedNov 8, 2018
    risk 0.42cvss 6.5epss 0.03

    A vulnerability in the web-based UI of Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to overwrite files on the file system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a…

  • CVE-2018-15447MedNov 8, 2018
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the web framework code of Cisco Integrated Management Controller (IMC) Supervisor could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries.…

  • CVE-2018-0284MedNov 8, 2018
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the local status page functionality of the Cisco Meraki MR, MS, MX, Z1, and Z3 product lines could allow an authenticated, remote attacker to modify device configuration files. The vulnerability occurs when handling requests to the local status page. An…

  • CVE-2018-15438MedOct 17, 2018
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The vulnerability is due to…

  • CVE-2018-15405MedOct 5, 2018
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the web interface for specific feature sets of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to an authorization check that…

  • CVE-2018-15404MedOct 5, 2018
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient…

  • CVE-2018-15401MedOct 5, 2018
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web-based management interface of Cisco Hosted Collaboration Mediation Fulfillment could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The vulnerability…

  • CVE-2018-0466MedOct 5, 2018
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. The vulnerability is due to incorrect handling of specific OSPFv3 packets.…

Page 49 of 145