Latest CVE Feed
-
7.2
HIGHCVE-2022-20677
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more
Affected Products : ios catalyst_8500 asr_9001 asr_9006 asr_9010 asr_9904 asr_9912 asr_9922 catalyst_3650 catalyst_3850 +52 more products- Published: Apr. 15, 2022
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2022-20676
A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root-level privileges. This vulnerability is due to insufficient input validation o... Read more
Affected Products : ios_xe- Published: Apr. 15, 2022
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2022-20675
A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could allow an unauthenticated, remote attacker to crash the S... Read more
- Published: Apr. 06, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-20674
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. Thes... Read more
Affected Products : common_services_platform_collector- Published: May. 27, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-20673
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. Thes... Read more
Affected Products : common_services_platform_collector- Published: May. 27, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-20672
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. Thes... Read more
Affected Products : common_services_platform_collector- Published: May. 27, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-20671
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. Thes... Read more
Affected Products : common_services_platform_collector- Published: May. 27, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-20670
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. Thes... Read more
Affected Products : common_services_platform_collector- Published: May. 27, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-20669
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. Thes... Read more
Affected Products : common_services_platform_collector- Published: May. 27, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-20668
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. Thes... Read more
Affected Products : common_services_platform_collector- Published: May. 27, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-20667
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. Thes... Read more
Affected Products : common_services_platform_collector- Published: May. 27, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-20666
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. Thes... Read more
Affected Products : common_services_platform_collector- Published: May. 27, 2022
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2022-20665
A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability b... Read more
- Published: Apr. 06, 2022
- Modified: Nov. 21, 2024
-
7.7
HIGHCVE-2022-20664
A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive informa... Read more
- Published: Jun. 15, 2022
- Modified: Nov. 21, 2024
-
6.8
MEDIUMCVE-2022-20662
A vulnerability in the smart card login authentication of Cisco Duo for macOS could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability exists because the assigned user of a smart card is not properly matche... Read more
- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
4.9
MEDIUMCVE-2022-20661
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a perman... Read more
- Published: Apr. 15, 2022
- Modified: Nov. 21, 2024
-
4.6
MEDIUMCVE-2022-20660
A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of conf... Read more
- Published: Jan. 14, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-20659
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the i... Read more
- Published: Feb. 17, 2022
- Modified: Nov. 21, 2024
-
9.6
CRITICALCVE-2022-20658
A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM) could allow an authenticated, remote attacker to elevate their privileges... Read more
- Published: Jan. 14, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2022-20653
A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) con... Read more
- Published: Feb. 17, 2022
- Modified: Nov. 21, 2024