|
221811
|
7.4 |
HIGH
Adjacent
|
cisco
|
firepower_management_center
firepower_threat_defense
|
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2019-1696
|
2024-11-21 13:37 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221812
|
6.1 |
MEDIUM
Network
|
cisco
|
prime_collaboration_assurance
|
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance (PCA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack again…
|
CWE-79
Cross-site Scripting
|
CVE-2019-1856
|
2024-11-21 13:37 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221813
|
4.3 |
MEDIUM
Network
|
cisco
|
telepresence_video_communication_server
|
A vulnerability in the management web interface of Cisco Expressway Series could allow an authenticated, remote attacker to perform a directory traversal attack against an affected device. The vulner…
|
CWE-22
Path Traversal
|
CVE-2019-1854
|
2024-11-21 13:37 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221814
|
6.1 |
MEDIUM
Network
|
cisco
|
network_registrar
|
A vulnerability in the web-based management interface of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of…
|
CWE-79
Cross-site Scripting
|
CVE-2019-1852
|
2024-11-21 13:37 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221815
|
5.3 |
MEDIUM
Network
|
cisco
|
email_security_appliance
|
A vulnerability in certain attachment detection mechanisms of the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of an affe…
|
CWE-20
Improper Input Validation
|
CVE-2019-1844
|
2024-11-21 13:37 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221816
|
5.4 |
MEDIUM
Network
|
cisco
|
application_policy_infrastructure_controller
|
A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS…
|
CWE-79
Cross-site Scripting
|
CVE-2019-1838
|
2024-11-21 13:37 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221817
|
7.1 |
HIGH
Local
|
cisco
|
nx-os
|
A vulnerability in the system shell for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to use symbolic links to …
|
CWE-59
Link Following
|
CVE-2019-1836
|
2024-11-21 13:37 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221818
|
7.5 |
HIGH
Network
|
cisco
|
web_security_appliance
|
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition …
|
CWE-20
Improper Input Validation
|
CVE-2019-1817
|
2024-11-21 13:37 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221819
|
7.8 |
HIGH
Local
|
cisco
|
web_security_appliance
|
A vulnerability in the log subscription subsystem of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. T…
|
CWE-20
Improper Input Validation
|
CVE-2019-1816
|
2024-11-21 13:37 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221820
|
8.8 |
HIGH
Network
|
cisco
|
umbrella
|
A vulnerability in the session management functionality of the web UI for the Cisco Umbrella Dashboard could allow an authenticated, remote attacker to access the Dashboard via an active, user sessio…
|
CWE-384
Session Fixation
|
CVE-2019-1807
|
2024-11-21 13:37 |
2019-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
