Advisory ID: BGD-2019-0013 Version: 1.00 Probability: medium CVE ID: CVE-2019-1745 Damage: medium Publication date: 2019-04-16 Description: A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with elevated privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and...
Read More
Advisory ID: BGD-2019-0012 Version: 1.00 Probability: medium CVE ID: CVE-2019-1828 Damage: medium Publication date: 2019-04-16 Description: A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to access administrative credentials. The vulnerability exists because affected devices use weak encryption algorithms for user credentials. An attacker could exploit this vulnerability by...
Read More
Advisory ID: BGD-2019-0011 Version: 1.00 Probability: high CVE ID: CVE-2019-1598 Damage: medium Publication date: 2019-04-01 Description: Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper...
Read More
Advisory ID: BGD-2019-0009 Version: 1.04 Probability: medium CVE ID: CVE-2019-1601(nx-os) Damage: medium Publication date: 2019-03-20 Description: A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to gain read and write access to a critical configuration file. The vulnerability is due to a failure to impose strict filesystem permissions on the targeted device. An attacker could exploit this vulnerability...
Read More
Advisory ID: BGD-2019-0007 Version: 1.00 Probability: high CVE ID: CVE-2019-1663 Damage: high Publication date: 2019-03-12 Description: A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. Impact: A remote attacker could exploit this vulnerability to...
Read More
