cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-12649,https://securityvulnerability.io/vulnerability/CVE-2019-12649,Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability,"A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install and boot a malicious software image or execute unsigned binaries on an affected device. The vulnerability exists because, under certain circumstances, an affected device can be configured to not verify the digital signatures of system image files during the boot process. An attacker could exploit this vulnerability by abusing a specific feature that is part of the device boot process. A successful exploit could allow the attacker to install and boot a malicious software image or execute unsigned binaries on the targeted device.",Cisco,Cisco iOS Xe Software 3.2.11asg,6.7,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-09-16T20:17:51.000Z,,false,false,,2019-09-25T00:00:00.000Z,0
CVE-2019-12650,https://securityvulnerability.io/vulnerability/CVE-2019-12650,Cisco IOS XE Software Web UI Command Injection Vulnerabilities,"Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco iOS Xe Software 3.2.11asg,7.6,HIGH,0.7277500033378601,false,,false,false,true,2024-09-17T05:17:50.000Z,,false,false,,2019-09-25T00:00:00.000Z,0
CVE-2019-12651,https://securityvulnerability.io/vulnerability/CVE-2019-12651,Cisco IOS XE Software Web UI Command Injection Vulnerabilities,"Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco iOS Xe Software 3.2.11asg,7.6,HIGH,0.8140299916267395,false,,false,false,true,2024-09-16T21:18:07.000Z,,false,false,,2019-09-25T00:00:00.000Z,0
CVE-2019-12660,https://securityvulnerability.io/vulnerability/CVE-2019-12660,Cisco IOS XE Software ASIC Register Write Vulnerability,"A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the CLI. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a specific set of commands. A successful exploit could allow the attacker to modify the configuration of the device to cause it to be non-secure and abnormally functioning.",Cisco,Cisco iOS Xe Software 3.2.11asg,5.5,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-09-17T02:15:52.000Z,,false,false,,2019-09-25T00:00:00.000Z,0
CVE-2019-12670,https://securityvulnerability.io/vulnerability/CVE-2019-12670,Cisco IOS XE Software IOx Guest Shell Namespace Protection Vulnerability,"A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. The vulnerability is due to insufficient file permissions. An attacker could exploit this vulnerability by modifying files that they should not have access to. A successful exploit could allow the attacker to remove container protections and perform file actions outside the namespace of the container.",Cisco,Cisco iOS Xe Software 3.2.11asg,6.7,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-09-16T19:16:41.000Z,,false,false,,2019-09-25T00:00:00.000Z,0