Latest CVE Feed
-
7.4
HIGHCVE-2022-20860
A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information. This vulnerability exists because SSL server certific... Read more
Affected Products : nexus_dashboard- Published: Jul. 21, 2022
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2022-20859
A vulnerability in the Disaster Recovery framework of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection could allow an authenticated, remote ... Read more
- Published: Jul. 06, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2022-20858
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnera... Read more
Affected Products : nexus_dashboard- Published: Jul. 21, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2022-20857
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnera... Read more
Affected Products : nexus_dashboard- Published: Jul. 21, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20856
A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial ... Read more
- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
7.9
HIGHCVE-2022-20855
A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on... Read more
Affected Products : ios_xe catalyst_9800 catalyst_9800-40 catalyst_9800-80 catalyst_9800-cl catalyst_9800-l catalyst_9800-l-c catalyst_9800-l-f catalyst_9105 catalyst_9115 +20 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20852
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. For more information about these vulnerabil... Read more
Affected Products : webex_meetings- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2022-20851
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit t... Read more
Affected Products : ios_xe catalyst_8500 catalyst_8510csr catalyst_8510msr catalyst_8540csr catalyst_8540msr asr_1001 asr_1002 asr_1002-x asr_1002_fixed_router +249 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2022-20850
A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient i... Read more
Affected Products : sd-wan sd-wan_vmanage ios_xe_sd-wan sd-wan_vbond_orchestrator sd-wan_vsmart_controller sd-wan_solution vedge_100 vedge_1000 vedge_100b vedge_100m +5 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20848
A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnera... Read more
Affected Products : ios_xe catalyst_8500 catalyst_8510csr catalyst_8510msr catalyst_8540csr catalyst_8540msr asr_1001 asr_1002 asr_1002-x asr_1004 +350 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20847
A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the i... Read more
- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
6.0
MEDIUMCVE-2022-20845
A vulnerability in the TL1 function of Cisco Network Convergence System (NCS) 4000 Series could allow an authenticated, local attacker to cause a memory leak in the TL1 process. This vulnerability is due to TL1 not freeing memory under some conditio... Read more
Affected Products : ios_xr- Published: Nov. 15, 2024
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2022-20844
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC using a default static username and passwo... Read more
- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2022-20842
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more informati... Read more
- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
9.0
CRITICALCVE-2022-20841
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more informati... Read more
Affected Products : rv340_firmware rv340w_firmware rv345_firmware rv345p_firmware rv160_firmware rv160w_firmware rv260_firmware rv260p_firmware rv260w_firmware small_business_rv_series_router_firmware +9 more products- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20837
A vulnerability in the DNS application layer gateway (ALG) functionality that is used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability i... Read more
- Published: Oct. 10, 2022
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2022-20830
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC without authentication. This vulnerability... Read more
- Published: Oct. 10, 2022
- Modified: Nov. 21, 2024
-
9.1
CRITICALCVE-2022-20829
A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to... Read more
Affected Products : adaptive_security_appliance_software adaptive_security_device_manager isa_3000_firmware asa_5585-x_firmware asa_5512-x_firmware asa_5515-x_firmware asa_5585-x asa_5512-x asa_5515-x firepower_1010 +16 more products- Published: Jun. 24, 2022
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2022-20828
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWE... Read more
Affected Products : asa_firepower firepower_services_software_for_asa firepower_1010 firepower_1120 firepower_1140 firepower_1150 firepower_2110 firepower_2120 firepower_2130 firepower_2140 +11 more products- Published: Jun. 24, 2022
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2022-20827
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more informati... Read more
Affected Products : rv340_firmware rv340w_firmware rv345_firmware rv345p_firmware rv160_firmware rv160w_firmware rv260_firmware rv260p_firmware rv260w_firmware small_business_rv_series_router_firmware +9 more products- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024