Latest CVE Feed
-
7.7
HIGHCVE-2022-20951
A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an authenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device. This vulnerability is due to ins... Read more
- Published: Nov. 04, 2022
- Modified: Nov. 21, 2024
-
5.8
MEDIUMCVE-2022-20950
A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a lack of error-check... Read more
Affected Products : firepower_threat_defense- Published: Nov. 15, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20949
A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an affected system. This vulnerability exists because ... Read more
Affected Products : firepower_threat_defense- Published: Nov. 15, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20947
A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting... Read more
- Published: Nov. 15, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20946
A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. ... Read more
Affected Products : firepower_threat_defense- Published: Nov. 15, 2022
- Modified: Nov. 21, 2024
-
7.4
HIGHCVE-2022-20945
A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to... Read more
- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
6.8
MEDIUMCVE-2022-20944
A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to ... Read more
Affected Products : ios_xe catalyst_9200 catalyst_9200cx catalyst_9200l catalyst_c9200-24p catalyst_c9200-24t catalyst_c9200-48p catalyst_c9200-48t catalyst_c9200l-24p-4g catalyst_c9200l-24p-4x +10 more products- Published: Oct. 10, 2022
- Modified: Nov. 21, 2024
-
5.8
MEDIUMCVE-2022-20943
Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) c... Read more
- Published: Nov. 15, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20942
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote a... Read more
- Published: Nov. 04, 2022
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2022-20940
A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper implementation of countermeasures against... Read more
Affected Products : firepower_threat_defense- Published: Nov. 15, 2022
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2022-20937
A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to negatively affect the performance of an affected device. This vulnerability is due to insuffi... Read more
Affected Products : identity_services_engine- Published: Nov. 04, 2022
- Modified: Nov. 21, 2024
-
6.7
MEDIUMCVE-2022-20934
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to impr... Read more
- Published: Nov. 15, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20933
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is ... Read more
- Published: Oct. 26, 2022
- Modified: Nov. 21, 2024
-
6.7
MEDIUMCVE-2022-20930
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vuln... Read more
Affected Products : sd-wan catalyst_sd-wan_manager sd-wan_vmanage sd-wan_vbond_orchestrator sd-wan_vsmart_controller vedge_100 vedge_1000 vedge_100b vedge_100m vedge_100wm +2 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-20929
A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, local attacker to provide an unauthentic upgrade file for upload. This vulnerability is due to insufficient cry... Read more
Affected Products : enterprise_nfv_infrastructure_software- Published: Mar. 10, 2023
- Modified: Nov. 21, 2024
-
5.8
MEDIUMCVE-2022-20928
A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as ... Read more
- Published: Nov. 15, 2022
- Modified: Nov. 21, 2024
-
7.7
HIGHCVE-2022-20927
A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. ... Read more
- Published: Nov. 15, 2022
- Modified: Nov. 21, 2024
-
7.7
HIGHCVE-2022-20924
A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS)... Read more
- Published: Nov. 15, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2022-20923
A vulnerability in the IPSec VPN Server authentication functionality of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to bypass authentication controls and access the IPSec VPN network. This... Read more
- Published: Sep. 08, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20922
Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) c... Read more
- Published: Nov. 15, 2022
- Modified: Nov. 21, 2024