Latest CVE Feed
-
9.1
CRITICALCVE-2022-20829
A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to... Read more
Affected Products : adaptive_security_appliance_software adaptive_security_device_manager isa_3000_firmware asa_5585-x_firmware asa_5512-x_firmware asa_5515-x_firmware asa_5585-x asa_5512-x asa_5515-x firepower_1010 +16 more products- Published: Jun. 24, 2022
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2022-20828
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWE... Read more
Affected Products : asa_firepower firepower_services_software_for_asa firepower_1010 firepower_1120 firepower_1140 firepower_1150 firepower_2110 firepower_2120 firepower_2130 firepower_2140 +11 more products- Published: Jun. 24, 2022
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2022-20827
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more informati... Read more
Affected Products : rv340_firmware rv340w_firmware rv345_firmware rv345p_firmware rv160_firmware rv160w_firmware rv260_firmware rv260p_firmware rv260w_firmware small_business_rv_series_router_firmware +9 more products- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
6.8
MEDIUMCVE-2022-20826
A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physica... Read more
- Published: Nov. 15, 2022
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2022-20825
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resultin... Read more
- Published: Jun. 15, 2022
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2022-20824
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an aff... Read more
Affected Products : nx-os nexus_7000_firmware nexus_9000_firmware nexus_93180yc-fx3s_firmware nexus_93180yc-fx3_firmware nexus_7000 nexus_1000v nexus_3016_firmware nexus_3048_firmware nexus_3064_firmware +279 more products- Published: Aug. 25, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20823
A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of ... Read more
Affected Products : nx-os nexus_7000_firmware nexus_9000_firmware nexus_93180yc-fx3s_firmware nexus_93180yc-fx3_firmware nexus_7000 nexus_7000_10-slot nexus_7000_18-slot nexus_7000_9-slot nexus_3016_firmware +285 more products- Published: Aug. 25, 2022
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2022-20822
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read and delete files on an affected device. This vulnerability is due to insufficient validation of user-suppli... Read more
Affected Products : identity_services_engine- Published: Oct. 26, 2022
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2022-20820
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. For more information about these vulnerabil... Read more
Affected Products : webex_meetings- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20819
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege... Read more
Affected Products : identity_services_engine- Published: Jun. 15, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-20818
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could expl... Read more
Affected Products : sd-wan catalyst_8500 catalyst_8510csr catalyst_8510msr catalyst_8540csr catalyst_8540msr sd-wan_vmanage sd-wan_vbond_orchestrator asr_1001 asr_1002 +74 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
7.4
HIGHCVE-2022-20817
A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user's phone if the Cisco Unified Communications Manager (CUCM) is in secure mode. This vulnerability is due to improper key generation durin... Read more
Affected Products : unified_ip_phone_6911_firmware unified_ip_phone_6921_firmware unified_ip_phone_6941_firmware unified_ip_phone_6945_firmware unified_ip_phone_6961_firmware unified_ip_phone_8941_firmware unified_ip_phone_8945_firmware unified_ip_phone_8961_firmware unified_ip_phone_9951_firmware unified_ip_phone_9971_firmware +12 more products- Published: Jun. 15, 2022
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2022-20816
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to delete arbitra... Read more
Affected Products : unified_communications_manager- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-20815
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&... Read more
Affected Products : unified_communications_manager_im_and_presence_service unified_communications_manager- Published: Jul. 06, 2022
- Modified: Nov. 21, 2024
-
9.0
CRITICALCVE-2022-20813
Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning atta... Read more
- Published: Jul. 06, 2022
- Modified: Nov. 21, 2024
-
9.0
CRITICALCVE-2022-20812
Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning atta... Read more
- Published: Jul. 06, 2022
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2022-20811
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more informat... Read more
- Published: Oct. 26, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20810
A vulnerability in the Simple Network Management Protocol (SNMP) of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to insuffic... Read more
- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20809
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an... Read more
- Published: May. 26, 2022
- Modified: Nov. 21, 2024
-
7.7
HIGHCVE-2022-20808
A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect handling of multiple simultaneou... Read more
Affected Products : smart_software_manager_on-prem- Published: Jul. 06, 2022
- Modified: Nov. 21, 2024