Skip to main content

Cisco

5526 CVEs vendor

Monthly

CVE-2023-20069 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to conduct a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Evolved Programmable Network Manager Prime Infrastructure
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-20062 MEDIUM This Month

Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SSRF Cisco Packaged Contact Center Enterprise Unified Contact Center Enterprise +2
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-20061 MEDIUM This Month

Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SSRF Cisco Packaged Contact Center Enterprise Unified Contact Center Enterprise +2
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-20085 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Identity Services Engine
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2023-20075 MEDIUM This Month

Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Email Security Appliance
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2023-20053 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Nexus Dashboard
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-20014 HIGH This Week

A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nexus Dashboard
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-20009 HIGH This Week

A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Email Security Appliance Secure Email And Web Manager
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2023-20089 MEDIUM This Month

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated,. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-20050 HIGH This Week

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-20016 MEDIUM This Month

A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Ucs Central Software Ucs 6536 Firmware Ucs 64108 Firmware +9
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-20015 MEDIUM This Month

A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Ucs Central Software Ucs 6536 Firmware Ucs 64108 Firmware +9
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-20012 MEDIUM This Month

A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender (FEX) when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Authentication Bypass Nexus 93180Yc Fx3S Firmware Nexus 93180Yc Fx3 Firmware +4
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2023-20011 HIGH This Week

A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Application Policy Infrastructure Controller Cloud Network Controller
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-20076 HIGH This Week

A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Ic3000 Industrial Compute Gateway Iox Ios Xe +6
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2023-24451 Maven MEDIUM This Month

A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Cisco Authentication Bypass Cisco Spark
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-20058 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Packaged Contact Center Enterprise Unified Contact Center Enterprise Unified Contact Center Express +1
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-20057 MEDIUM This Month

A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Asyncos
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-20047 MEDIUM This Month

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco Webex Room Phone and Cisco Webex Share devices could allow an unauthenticated, adjacent attacker to cause a denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Webex Room Phone Firmware Webex Share Firmware Sip Ip Phone Software
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-20045 HIGH This Week

A vulnerability in the web-based management interface of Cisco Small Business RV160 and RV260 Series VPN Routers could allow an authenticated, remote attacker to execute arbitrary commands on the. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Rv160 Vpn Router Firmware Rv160W Wireless Ac Vpn Router Firmware Rv260 Vpn Router Firmware +1
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2023-20044 HIGH This Week

A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Cx Cloud Agent
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2023-20043 MEDIUM This Month

A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Cx Cloud Agent
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-20040 MEDIUM This Month

A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to cause a denial of service (DoS) on an affected system that is. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Network Services Orchestrator
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2023-20038 HIGH This Week

A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key used to store both local data and. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Industrial Network Director
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2023-20037 MEDIUM This Month

A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Industrial Network Director
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-20026 HIGH This Week

A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Rv016 Firmware Rv042 Firmware Rv042G Firmware +1
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2023-20025 CRITICAL Act Now

A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to bypass authentication on an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Rv016 Firmware Rv042 Firmware Rv042G Firmware +1
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2023-20020 HIGH This Week

A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Broadworks Application Delivery Platform Device Management Broadworks Xtended Services Platform
NVD
CVSS 3.1
8.6
EPSS
0.9%
CVE-2023-20019 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform, Cisco BroadWorks Application Server, and Cisco BroadWorks Xtended Services Platform could. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Broadworks Application Delivery Platform Broadworks Application Server Broadworks Xtended Services Platform
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-20018 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Ip Phone 7800 Firmware Ip Phone 7811 Firmware Ip Phone 7821 Firmware +19
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-20010 HIGH This Week

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Unified Communications Manager
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2023-20008 HIGH This Week

A vulnerability in the CLI of Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to overwrite arbitrary files on the local system of an affected device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Roomos Telepresence Collaboration Endpoint Telepresence Tc
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-20007 HIGH This Week

A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Buffer Overflow Cisco Denial Of Service Rv340 Firmware +3
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2023-20002 MEDIUM This Month

A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

SSRF Cisco Roomos Telepresence Collaboration Endpoint
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-20968 HIGH This Week

A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Cisco RCE Memory Corruption +13
NVD
CVSS 3.1
8.8
EPSS
6.1%
CVE-2022-20691 MEDIUM This Month

A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause a DoS condition of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Ata 190 Firmware Ata 191 Firmware Ata 192 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-20690 HIGH This Week

Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Buffer Overflow Ata 190 Firmware Ata 191 Firmware Ata 192 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-20689 HIGH This Week

Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Buffer Overflow Ata 190 Firmware Ata 191 Firmware Ata 192 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-20688 MEDIUM This Month

A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE Cisco Buffer Overflow Ata 190 Firmware +2
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2022-20687 MEDIUM This Month

Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Buffer Overflow Ata 190 Firmware +2
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2022-20686 MEDIUM This Month

Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service Ata 190 Firmware Ata 191 Firmware +1
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2022-3643 MEDIUM This Month

Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Broadcom Cisco Denial Of Service Linux Kernel Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-20950 MEDIUM This Month

A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2022-20949 MEDIUM This Month

A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Firepower Threat Defense
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2022-20947 HIGH This Week

A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Buffer Overflow Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-20946 HIGH This Week

A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Cisco Denial Of Service Buffer Overflow Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-20943 MEDIUM This Month

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense Cyber Vision Meraki Mx Security Appliance Firmware
NVD
CVSS 3.1
5.8
EPSS
0.9%
CVE-2022-20941 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to access sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Secure Firewall Management Center
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-20940 MEDIUM This Month

A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Cisco Firepower Threat Defense
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-20938 MEDIUM This Month

A vulnerability in the module import function of the administrative interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to view sensitive. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco XXE Secure Firewall Management Center
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-20936 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-20935 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-20934 MEDIUM This Month

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Cisco Firepower Threat Defense Firepower Extensible Operating System
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2022-20932 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-20928 MEDIUM This Month

A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
5.8
EPSS
0.7%
CVE-2022-20927 MEDIUM This Month

A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Buffer Overflow Adaptive Security Appliance Software Firepower Threat Defense +1
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-20926 HIGH This Week

A vulnerability in the web management interface of the Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Cisco Secure Firewall Management Center
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-20925 HIGH This Week

A vulnerability in the web management interface of the Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Cisco Secure Firewall Management Center
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2022-20924 MEDIUM This Month

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-20922 MEDIUM This Month

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense Umbrella Virtual Appliance Cyber Vision
NVD VulDB
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-20918 HIGH This Week

A vulnerability in the Simple Network Management Protocol (SNMP) access controls for Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module, Cisco Firepower Management Center. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Services Software For Asa Secure Firewall Management Center
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-20905 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-20872 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-20854 HIGH This Week

A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Secure Firewall Management Center Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-20843 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-20840 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-20839 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-20838 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-20836 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-20835 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-20834 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-20833 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-20832 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-20831 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2022-20826 MEDIUM This Month

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD). Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2022-20969 MEDIUM This Month

A vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the Cisco. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Umbrella
NVD VulDB
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-20963 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Identity Services Engine
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-20962 HIGH This Week

A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to make unauthorized changes to the file system of an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Identity Services Engine
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-20961 HIGH This Week

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Cisco Identity Services Engine
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-20960 HIGH This Week

A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Email Security Appliance
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-20958 HIGH This Week

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an unauthenticated, remote attacker to perform a server-side request forgery (SSRF) attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Cisco Broadworks Commpilot Application
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-20956 HIGH This Week

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access system files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Identity Services Engine
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2022-20951 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an authenticated, remote attacker to perform a server-side request forgery (SSRF) attack on. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Cisco Broadworks Messaging Server
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2022-20942 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Asyncos
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-20937 MEDIUM This Month

A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to negatively affect the performance of an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Identity Services Engine
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2022-20868 HIGH This Week

A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Asyncos
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-20867 MEDIUM This Month

A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct SQL. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Asyncos
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-20772 MEDIUM This Month

A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Code Injection Email Security Appliance Firmware Secure Email And Web Manager Firmware
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-20959 MEDIUM This Month

A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Identity Services Engine
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2022-20955 HIGH This Week

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal Telepresence Collaboration Endpoint Roomos
NVD
CVSS 3.1
7.1
EPSS
0.4%
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to conduct a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Evolved Programmable Network Manager +1
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SSRF Cisco +4
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SSRF Cisco +4
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Identity Services Engine
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Email Security Appliance
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Nexus Dashboard
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nexus Dashboard
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Email Security Appliance +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated,. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Nx Os
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Ucs Central Software +11
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Ucs Central Software +11
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender (FEX) when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Authentication Bypass +6
NVD
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Application Policy Infrastructure Controller +1
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Ic3000 Industrial Compute Gateway +8
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Cisco Authentication Bypass +1
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Packaged Contact Center Enterprise +3
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Asyncos
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco Webex Room Phone and Cisco Webex Share devices could allow an unauthenticated, adjacent attacker to cause a denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Webex Room Phone Firmware +2
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A vulnerability in the web-based management interface of Cisco Small Business RV160 and RV260 Series VPN Routers could allow an authenticated, remote attacker to execute arbitrary commands on the. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Rv160 Vpn Router Firmware +3
NVD
EPSS 0% CVSS 7.3
HIGH This Week

A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Cx Cloud Agent
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Cx Cloud Agent
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to cause a denial of service (DoS) on an affected system that is. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Network Services Orchestrator
NVD
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key used to store both local data and. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Industrial Network Director
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Industrial Network Director
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Rv016 Firmware +3
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to bypass authentication on an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Rv016 Firmware +3
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Broadworks Application Delivery Platform Device Management +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform, Cisco BroadWorks Application Server, and Cisco BroadWorks Xtended Services Platform could. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Broadworks Application Delivery Platform +2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Ip Phone 7800 Firmware +21
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Unified Communications Manager
NVD
EPSS 0% CVSS 7.1
HIGH This Week

A vulnerability in the CLI of Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to overwrite arbitrary files on the local system of an affected device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Roomos +2
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Buffer Overflow Cisco +5
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

SSRF Cisco Roomos +1
NVD
EPSS 6% CVSS 8.8
HIGH This Week

A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Cisco +15
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause a DoS condition of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Ata 190 Firmware +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Buffer Overflow Ata 190 Firmware +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Buffer Overflow Ata 190 Firmware +2
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE Cisco +4
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service +4
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Cisco Denial Of Service +3
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Broadcom Cisco Denial Of Service +2
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Firepower Threat Defense
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Buffer Overflow +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Cisco Denial Of Service +2
NVD
EPSS 1% CVSS 5.8
MEDIUM This Month

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense +2
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to access sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Secure Firewall Management Center
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Cisco +1
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A vulnerability in the module import function of the administrative interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to view sensitive. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco XXE +1
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Cisco Firepower Threat Defense +1
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 1% CVSS 5.8
MEDIUM This Month

A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Buffer Overflow +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability in the web management interface of the Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Cisco Secure Firewall Management Center
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A vulnerability in the web management interface of the Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Cisco Secure Firewall Management Center
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense +2
NVD VulDB
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the Simple Network Management Protocol (SNMP) access controls for Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module, Cisco Firepower Management Center. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Firepower Services Software For Asa +1
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Secure Firewall Management Center +1
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD). Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Adaptive Security Appliance Software +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the Cisco. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Umbrella
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Identity Services Engine
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to make unauthorized changes to the file system of an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Identity Services Engine
NVD
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Cisco Identity Services Engine
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Email Security Appliance
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an unauthenticated, remote attacker to perform a server-side request forgery (SSRF) attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Cisco Broadworks Commpilot Application
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access system files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Identity Services Engine
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an authenticated, remote attacker to perform a server-side request forgery (SSRF) attack on. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Cisco Broadworks Messaging Server
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Asyncos
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to negatively affect the performance of an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Identity Services Engine
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Asyncos
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct SQL. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Asyncos
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Code Injection Email Security Appliance Firmware +1
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Identity Services Engine
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal +2
NVD
Prev Page 11 of 62 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy