1098 matches found
Cross site scripting
A vulnerability in the web-based management interface of Cisco SPA122 ATA with Router Devices could allow an unauthenticated, adjacent attacker to conduct cross-site scripting attacks. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface...
Input validation
Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An...
CVE-2019-15281 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The attacker must have...
CVE-2019-15270
Cisco Firepower Management Center (FMC) web-based management interface is affected by a stored cross-site scripting (XSS) vulnerability (CVE-2019-15270) due to insufficient validation of user-supplied input. An unauthenticated/remote attacker can persuade a user to click a crafted link, potential...
CVE-2019-15269
CVE-2019-15269 concerns multiple cross-site scripting (XSS) vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC). The root cause is insufficient validation of user-supplied input in the FMC web interface, allowing an authenticated, remote attacker to tr...
CVE-2019-15258
CVE-2019-15258 affects Cisco SPA100 Series ATAs web-based management interface. Description and connected sources confirm an authenticated, remote attacker can exploit improper validation of user-supplied requests to the web UI, causing a denial-of-service condition where the device stops respond...
CVE-2019-15252 Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities
Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An...
CVE-2019-15252 Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities
Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An...
CVE-2019-15257
CVE-2019-15257 affects Cisco SPA100 Series ATAs. The vulnerability arises in the web-based management interface where improper restrictions on configuration information allow an authenticated remote attacker to retrieve running configuration data, potentially exposing sensitive information. Impac...
CVE-2019-15257 Cisco SPA100 Series Analog Telephone Adapters Running Configuration Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper restrictions on configuration information. An...
CVE-2019-15250
The provided documents describe CVE-2019-15250 in Cisco SPA100 Series Analog Telephone Adapters (ATAs). Affected component: web-based management interface of Cisco SPA100 Series ATAs. Root cause: improper validation of user-supplied input to the web management interface, enabling an authenticated...
CVE-2019-15251 Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities
Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An...
CVE-2019-15250 Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities
Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An...
CVE-2019-15250 Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities
Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An...
CVE-2019-15248
Cisco SPA100 Series ATAs are affected by multiple remote-code-execution vulnerabilities due to improper validation of input in the web-based management interface. Authentication to the management interface and crafted requests can lead to arbitrary code execution with elevated privileges, with th...
CVE-2019-15249 Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities
Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An...
CVE-2019-15249 Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities
Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An...
CVE-2019-15248 Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities
Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An...
CVE-2019-15248 Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities
Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An...
CVE-2019-15249
CVE-2019-15249 describes multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) due to improper validation of user-supplied input to the web-based management interface. An authenticated, adjacent attacker can craft requests to the affected device, potentially executing a...