Latest CVE Feed
-
8.6
HIGHCVE-2022-20870
A vulnerability in the egress MPLS packet processing function of Cisco IOS XE Software for Cisco Catalyst 3650, Catalyst 3850, and Catalyst 9000 Family Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpect... Read more
- Published: Oct. 10, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-20869
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability e... Read more
Affected Products : broadworks_application_delivery_platform broadworks broadworks_commpilot_application- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2022-20868
A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attac... Read more
- Published: Nov. 04, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20867
A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct SQL injection attacks as root on an affected system. The attacker mu... Read more
- Published: Nov. 04, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2022-20866
A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerab... Read more
Affected Products : adaptive_security_appliance_software firepower_threat_defense adaptive_security_appliance_software asa_5506-x asa_5506h-x asa_5506w-x asa_5508-x asa_5516-x firepower_1010 firepower_1120 +25 more products- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
6.7
MEDIUMCVE-2022-20865
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The attacker would need to have Administrator privileges on the device. This vulnerability ... Read more
- Published: Aug. 25, 2022
- Modified: Nov. 21, 2024
-
4.6
MEDIUMCVE-2022-20864
A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability... Read more
- Published: Oct. 10, 2022
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2022-20863
A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. This vulnerability exists because the affected softwa... Read more
Affected Products : webex_teams- Published: Sep. 08, 2022
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2022-20862
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to read arbitrary... Read more
Affected Products : unified_communications_manager- Published: Jul. 06, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2022-20861
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnera... Read more
Affected Products : nexus_dashboard- Published: Jul. 21, 2022
- Modified: Nov. 21, 2024
-
7.4
HIGHCVE-2022-20860
A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information. This vulnerability exists because SSL server certific... Read more
Affected Products : nexus_dashboard- Published: Jul. 21, 2022
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2022-20859
A vulnerability in the Disaster Recovery framework of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection could allow an authenticated, remote ... Read more
- Published: Jul. 06, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2022-20858
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnera... Read more
Affected Products : nexus_dashboard- Published: Jul. 21, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2022-20857
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnera... Read more
Affected Products : nexus_dashboard- Published: Jul. 21, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20856
A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial ... Read more
- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
7.9
HIGHCVE-2022-20855
A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on... Read more
Affected Products : ios_xe catalyst_9800 catalyst_9800-40 catalyst_9800-80 catalyst_9800-cl catalyst_9800-l catalyst_9800-l-c catalyst_9800-l-f catalyst_9105 catalyst_9115 +20 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20852
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. For more information about these vulnerabil... Read more
Affected Products : webex_meetings- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2022-20851
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit t... Read more
Affected Products : ios_xe catalyst_8500 catalyst_8510csr catalyst_8510msr catalyst_8540csr catalyst_8540msr asr_1001 asr_1002 asr_1002-x asr_1002_fixed_router +249 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2022-20850
A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient i... Read more
Affected Products : sd-wan sd-wan_vmanage ios_xe_sd-wan sd-wan_vbond_orchestrator sd-wan_vsmart_controller sd-wan_solution vedge_100 vedge_1000 vedge_100b vedge_100m +5 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20848
A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnera... Read more
Affected Products : ios_xe catalyst_8500 catalyst_8510csr catalyst_8510msr catalyst_8540csr catalyst_8540msr asr_1001 asr_1002 asr_1002-x asr_1004 +350 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024