|
221931
|
7.5 |
HIGH
Network
|
cisco
|
ios_xr
|
A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could allow an unauthenticated, remote attacker to retrieve arbitrary files from the targeted device, poss…
|
CWE-22
Path Traversal
|
CVE-2019-1681
|
2024-11-21 13:37 |
2019-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221932
|
3.3 |
LOW
Local
|
cisco
|
hyperflex_hx_data_platform
|
A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an authenticated, local attacker to write arbitrary data to the Graphite interface. The vulnerability is due to insuf…
|
CWE-863
Incorrect Authorization
|
CVE-2019-1667
|
2024-11-21 13:37 |
2019-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221933
|
6.1 |
MEDIUM
Network
|
cisco
|
hyperflex_hx_data_platform
|
A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the …
|
CWE-79
Cross-site Scripting
|
CVE-2019-1665
|
2024-11-21 13:37 |
2019-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221934
|
7.8 |
HIGH
Local
|
cisco
|
hyperflex_hx_data_platform
|
A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. The vulnerability is due to insuffici…
|
CWE-287
Improper Authentication
|
CVE-2019-1664
|
2024-11-21 13:37 |
2019-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221935
|
9.1 |
CRITICAL
Network
|
cisco
|
prime_collaboration_assurance
|
A vulnerability in the Quality of Voice Reporting (QOVR) service of Cisco Prime Collaboration Assurance (PCA) Software could allow an unauthenticated, remote attacker to access the system as a valid …
|
CWE-287
Improper Authentication
|
CVE-2019-1662
|
2024-11-21 13:37 |
2019-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221936
|
7.4 |
HIGH
Network
|
cisco
|
prime_infrastructure
|
A vulnerability in the Identity Services Engine (ISE) integration feature of Cisco Prime Infrastructure (PI) could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack agai…
|
CWE-295
Improper Certificate Validation
|
CVE-2019-1659
|
2024-11-21 13:37 |
2019-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221937
|
7.1 |
HIGH
Local
|
cisco
|
network_assurance_engine
|
A vulnerability in the management web interface of Cisco Network Assurance Engine (NAE) could allow an unauthenticated, local attacker to gain unauthorized access or cause a Denial of Service (DoS) c…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-1688
|
2024-11-21 13:37 |
2019-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221938
|
7.5 |
HIGH
Network
|
cisco
|
meeting_server
|
A vulnerability in the Session Initiation Protocol (SIP) call processing of Cisco Meeting Server (CMS) software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) cond…
|
CWE-20
Improper Input Validation
|
CVE-2019-1676
|
2024-11-21 13:37 |
2019-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221939
|
5.8 |
MEDIUM
Network
|
cisco
|
web_security_appliance
|
A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2019-1672
|
2024-11-21 13:37 |
2019-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221940
|
5.4 |
MEDIUM
Network
|
cisco
|
identity_services_engine
|
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a us…
|
CWE-79
Cross-site Scripting
|
CVE-2019-1673
|
2024-11-21 13:37 |
2019-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
