Latest CVE Feed
-
10.0
HIGHCVE-2022-20825
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resultin... Read more
- Published: Jun. 15, 2022
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2022-20824
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an aff... Read more
Affected Products : nx-os nexus_7000_firmware nexus_9000_firmware nexus_93180yc-fx3s_firmware nexus_93180yc-fx3_firmware nexus_7000 nexus_1000v nexus_3016_firmware nexus_3048_firmware nexus_3064_firmware +279 more products- Published: Aug. 25, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20823
A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of ... Read more
Affected Products : nx-os nexus_7000_firmware nexus_9000_firmware nexus_93180yc-fx3s_firmware nexus_93180yc-fx3_firmware nexus_7000 nexus_7000_10-slot nexus_7000_18-slot nexus_7000_9-slot nexus_3016_firmware +285 more products- Published: Aug. 25, 2022
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2022-20822
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read and delete files on an affected device. This vulnerability is due to insufficient validation of user-suppli... Read more
Affected Products : identity_services_engine- Published: Oct. 26, 2022
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2022-20820
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. For more information about these vulnerabil... Read more
Affected Products : webex_meetings- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20819
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege... Read more
Affected Products : identity_services_engine- Published: Jun. 15, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-20818
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could expl... Read more
Affected Products : sd-wan catalyst_8500 catalyst_8510csr catalyst_8510msr catalyst_8540csr catalyst_8540msr sd-wan_vmanage sd-wan_vbond_orchestrator asr_1001 asr_1002 +74 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
7.4
HIGHCVE-2022-20817
A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user's phone if the Cisco Unified Communications Manager (CUCM) is in secure mode. This vulnerability is due to improper key generation durin... Read more
Affected Products : unified_ip_phone_6911_firmware unified_ip_phone_6921_firmware unified_ip_phone_6941_firmware unified_ip_phone_6945_firmware unified_ip_phone_6961_firmware unified_ip_phone_8941_firmware unified_ip_phone_8945_firmware unified_ip_phone_8961_firmware unified_ip_phone_9951_firmware unified_ip_phone_9971_firmware +12 more products- Published: Jun. 15, 2022
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2022-20816
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to delete arbitra... Read more
Affected Products : unified_communications_manager- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-20815
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&... Read more
Affected Products : unified_communications_manager_im_and_presence_service unified_communications_manager- Published: Jul. 06, 2022
- Modified: Nov. 21, 2024
-
9.0
CRITICALCVE-2022-20813
Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning atta... Read more
- Published: Jul. 06, 2022
- Modified: Nov. 21, 2024
-
9.0
CRITICALCVE-2022-20812
Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning atta... Read more
- Published: Jul. 06, 2022
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2022-20811
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more informat... Read more
- Published: Oct. 26, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20810
A vulnerability in the Simple Network Management Protocol (SNMP) of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to insuffic... Read more
- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20809
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an... Read more
- Published: May. 26, 2022
- Modified: Nov. 21, 2024
-
7.7
HIGHCVE-2022-20808
A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect handling of multiple simultaneou... Read more
Affected Products : smart_software_manager_on-prem- Published: Jul. 06, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20807
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an... Read more
- Published: May. 27, 2022
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2022-20806
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an... Read more
- Published: May. 27, 2022
- Modified: Nov. 21, 2024
-
4.1
MEDIUMCVE-2022-20805
A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG) could allow an authenticated, adjacent attacker to bypass the SSL decryption and content filtering policies on an affected system. This vulnerability is due to ... Read more
- Published: Apr. 21, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20804
A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, adjacent attacker to cause a kernel p... Read more
Affected Products : unified_communications_manager- Published: Apr. 21, 2022
- Modified: Nov. 21, 2024