Cisco Latest Vulnerabilities

December 4

Unauthenticated Attacker Could Bypass NX-OS Image Signature Verification via Insecure Bootloader Settings

CVE-2024-20397

Cisco5.2MEDIUM

November 18

Cisco SD-WAN vManage Software Vulnerability: Authenticated Attackers Can Access Sensitive Information

CVE-2020-26066

CiscoCisco Catalyst Sd-wan ...6.5MEDIUM

Cisco Webex Teams vulnerability could lead to cross-site scripting attacks

CVE-2020-26067

CiscoCisco Webex Teams5.4MEDIUM

Cisco Integrated Management Controller Vulnerability Could Allow Unauthorized Access to Administrative User Accounts

CVE-2020-26062

CiscoCisco Unified Computin...5.3MEDIUM

Cisco Integrated Management Controller Vulnerability Allows Unauthorized Actions

CVE-2020-26063

CiscoCisco Unified Computin...5.4MEDIUM

Cisco SD-WAN Software Vulnerability Discovered

CVE-2020-26071

CiscoCisco Catalyst Sd-wan ...8.4HIGH

Cisco ASA Software Vulnerability Could Lead to Unauthorized Reload and Denial of Service

CVE-2020-27124

CiscoCisco Adaptive Securit...8.6HIGH

Cisco Unified Communications Manager and Session Management Edition Vulnerable to XSS Attacks

CVE-2020-3420

CiscoCisco Unified Communic...5.4MEDIUM

Cross-Site Scripting Vulnerability in Cisco Small Business RV042 and RV042G VPN Routers

CVE-2020-3431

CiscoCisco Small Business R...6.1MEDIUM

Unauthorized Access to Sensitive Information via Directory Traversal

CVE-2020-26073

CiscoCisco Catalyst Sd-wan ...7.5HIGH

Cisco SD-WAN vManage Software Vulnerability - Escalated Privileges on Local Systems

CVE-2020-26074

CiscoCisco Catalyst Sd-wan ...7.8HIGH

Cisco ISE Vulnerability Could Allow Attacker to Recover Service Account Passwords

CVE-2020-3525

CiscoCisco Identity Service...4.3MEDIUM

Cisco Unified Communications Manager vulnerable to Cross-Site Scripting (XSS) Attacks

CVE-2020-3532

CiscoCisco Unity Connection6.1MEDIUM

Cisco DCNM Software Vulnerability: Path Traversal Attacks Ahead

CVE-2020-3538

CiscoCisco Data Center Netw...4.6MEDIUM

Cisco DCNM Vulnerability Allows Unauthorized Access to Templates

CVE-2020-3539

CiscoCisco Data Center Netw...6.3MEDIUM

Cisco Email Security Appliance (ESA) Vulnerability: High CPU Usage DoS Attack

CVE-2020-3548

CiscoCisco Secure Email5.3MEDIUM

Cisco SD-WAN vManage Software Vulnerability

CVE-2021-1234

CiscoCisco Catalyst Sd-wan ...5.3MEDIUM

Cisco NSO Vulnerability Allows Unauthenticated Access to Sensitive Data

CVE-2021-1132

CiscoCisco Network Services...5.3MEDIUM

Unauthenticated Remote Code Execution and Denial of Service Vulnerabilities in Cisco IP Phones

CVE-2021-1379

CiscoCisco Ip Phones With M...6.5MEDIUM

Cisco Snort Vulnerability Could Lead to Denial of Service Condition

CVE-2021-1285

CiscoCisco Utd Snort Ips En...7.4HIGH

Cisco SD-WAN vManage Software Vulnerability Could Allow Remote Access to Sensitive Information

CVE-2021-1232

CiscoCisco Catalyst Sd-wan ...6.5MEDIUM

Cisco Webex Meetings Vulnerability: Modification of Distribution Lists by Unauthorized Users

CVE-2021-1410

CiscoCisco Webex Meetings4.3MEDIUM

Cisco AsyncOS Software Vulnerability Could Allow Access to Sensitive Information

CVE-2021-1425

CiscoCisco Secure Email And...4.3MEDIUM

Cisco ASR 5000 Series Software Vulnerability Could Lead to Denial of Service

CVE-2021-1424

CiscoCisco Asr 5000 Series ...5.3MEDIUM

Vulnerability in RPKI Implementation Could Lead to Denial of Service

CVE-2021-1440

CiscoCisco iOS Xr Software6.8MEDIUM

Vulnerability in Image Signature Verification Feature Could Allow Attackers to Install Malware

CVE-2021-1461

CiscoCisco Catalyst Sd-wan ...4.9MEDIUM

Cisco ASA Software Vulnerability Could Allow XSS Attacks

CVE-2021-1444

CiscoCisco Adaptive Securit...6.1MEDIUM

Cisco SD-WAN vManage Software Vulnerability Allows Elevation of Privileges

CVE-2021-1462

CiscoCisco Catalyst Sd-wan ...4.4MEDIUM

Cisco SD-WAN vManage Software Vulnerability Allows Directory Traversal and Sensitive File Access

CVE-2021-1465

CiscoCisco Catalyst Sd-wan ...4.3MEDIUM

November 15

Cisco SD-WAN vManage Software Vulnerability Could Lead to Denial of Service

CVE-2021-1466

CiscoCisco Catalyst Sd-wan ...5.4MEDIUM

Cisco SD-WAN vManage Software Vulnerability: SQL Injection Attacks Possible

CVE-2021-1470

CiscoCisco Catalyst Sd-wan ...4.9MEDIUM

Cisco SD-WAN vManage Software Vulnerability Could Lead to Sensitive Information Theft

CVE-2021-1481

CiscoCisco Catalyst Sd-wan ...4.3MEDIUM

Cisco SD-WAN vManage Software Vulnerability Could Lead to Sensitive Information Access

CVE-2021-1482

CiscoCisco Catalyst Sd-wan ...6.4MEDIUM

Cisco SD-WAN vManage Software Vulnerability Allows Bypass of Authorization Checking

CVE-2021-1464

CiscoCisco Catalyst Sd-wan ...5MEDIUM

Cisco SD-WAN vManage Software Vulnerability

CVE-2021-1483

CiscoCisco Catalyst Sd-wan ...6.4MEDIUM

Cisco SD-WAN vManage Software Vulnerability Could Lead to Denial of Service

CVE-2021-1484

CiscoCisco Catalyst Sd-wan ...6.5MEDIUM

Cisco SD-WAN vManage Software Vulnerability

CVE-2021-1491

CiscoCisco Catalyst Sd-wan ...6.5MEDIUM

Cisco Snort Vulnerability Allows Bypass of Configured File Policy for HTTP

CVE-2021-1494

CiscoCisco Firepower Threat...5.8MEDIUM

Cisco ECE Vulnerability Could Lead to Username Enumeration Attacks

CVE-2022-20633

CiscoCisco Enterprise Chat ...5.3MEDIUM

Cisco ECE Web-Based Management Interface Vulnerability

CVE-2022-20632

CiscoCisco Enterprise Chat ...6.1MEDIUM

Cisco Firepower Threat Defense Software Vulnerability

CVE-2021-34753

CiscoCisco Firepower Threat...5.8MEDIUM

Cisco FTD Software Vulnerability Could Allow Arbitrary Commands with Root Privileges

CVE-2021-34752

CiscoCisco Firepower Threat...6.7MEDIUM

Improper Encryption of Sensitive Information in FMC GUI Configuration Manager Could Lead to Information Disclosure

CVE-2021-34751

CiscoCisco Firepower Manage...4.3MEDIUM

Cisco Firepower Management Center Software Vulnerability: Sensitive Configuration Information at Risk

CVE-2021-34750

CiscoCisco Firepower Manage...4.3MEDIUM

Cisco Prime Access Registrar Appliance Vulnerability Could Lead to Cross-Site Scripting Attacks

CVE-2022-20626

CiscoCisco Prime Access Reg...5.5MEDIUM

Cisco ECE Web-Based Management Interface Vulnerability

CVE-2022-20631

CiscoCisco Enterprise Chat ...6.1MEDIUM

Cisco Webex Meetings Vulnerability Allows Cross-Site Scripting Attacks

CVE-2022-20654

CiscoCisco Webex Meetings6.1MEDIUM

Cisco ECE Vulnerability Could Lead to Open Redirect Attacks

CVE-2022-20634

CiscoCisco Enterprise Chat ...4.7MEDIUM

Cisco RCM for StarOS Software Vulnerability Could Lead to Information Disclosure

CVE-2022-20648

CiscoCisco Redundancy Confi...5.3MEDIUM

Unauthenticated Remote Code Execution Vulnerability in Cisco RCM for StarOS

CVE-2022-20649

CiscoCisco Redundancy Confi...8.1HIGH

Cisco Tetration Vulnerability Allowing Arbitrary Command Execution

CVE-2022-20652

CiscoCisco Secure Workload6.5MEDIUM

Command Injection Vulnerability in ConfD Could Allow Authenticated Attacker to Execute Arbitrary Commands with Root Privileges

CVE-2022-20655

CiscoCisco iOS Xr Software8.8HIGH

Cisco PI and EPNMWeb-Based Management Interface Vulnerability

CVE-2022-20657

CiscoCisco Evolved Programm...6.1MEDIUM

Cisco Secure Network Analytics Vulnerability Could Lead to XSS Attacks

CVE-2022-20663

CiscoCisco Secure Network A...6.1MEDIUM

Cisco Snort Detection Engine Vulnerability Could Lead to DoS Conditions

CVE-2022-20685

CiscoCisco Cyber Vision7.5HIGH

Cisco PI and EPNM Web-Based Management Interface Vulnerability

CVE-2022-20656

CiscoCisco Evolved Programm...6.5MEDIUM

Cisco ATA 190 Series Adaptive Telephone Adapter Vulnerability to Cause Denial of Service

CVE-2022-20766

CiscoCisco Analog Telephone...5.3MEDIUM

Unauthenticated Attacker could Impersonate Legitimate Device and Pair with Affected Device

CVE-2022-20793

CiscoCisco Roomos Software6.8MEDIUM

Cisco Expressway-C and TelePresence VCS Vulnerability: Unauthorized Access to Sensitive Data possible via SSL Certificate Validation Flaw

CVE-2022-20814

CiscoCisco Telepresence Vid...7.4HIGH

Cisco Discovery Protocol Vulnerability Could Lead to Reload and Limited Remote Code Execution

CVE-2022-20846

CiscoCisco iOS Xr Software4.3MEDIUM

Cisco NCS 4000 Series Vulnerability Could Lead to Memory Leak and Denial of Service

CVE-2022-20845

CiscoCisco iOS Xr Software6MEDIUM

Cisco PPPoE Vulnerability Could Lead to Denial of Service

CVE-2022-20849

CiscoCisco iOS Xr Software6.1MEDIUM

Cisco BroadWorks Hosted Thin Receptionist Vulnerability Could Lead to XSS Attacks

CVE-2022-20948

CiscoCisco Broadworks5.4MEDIUM

Cisco TelePresence CE Software Vulnerability Affects Touch 10 Devices

CVE-2022-20931

CiscoCisco Telepresence End...6.5MEDIUM

Cisco Issues Security Advisory for Cross-Site Request Forgery Vulnerability

CVE-2022-20853

CiscoCisco Telepresence Vid...7.4HIGH

Cisco AsyncOS for Cisco Secure Web Appliance Vulnerability

CVE-2022-20871

CiscoCisco Secure Web Appli...6.3MEDIUM

Cisco Smart Software Manager On-Prem Vulnerability

CVE-2022-20939

CiscoCisco Smart Software M...4.3MEDIUM

Cisco TelePresence CE and RoomOS Vulnerabilities Could Allow Arbitrary File Overwrite

CVE-2023-20004

CiscoCisco Roomos Software4.4MEDIUM

Cisco IND Vulnerability Allows Arbitrary Commands Execution with Admin Privileges

CVE-2023-20036

CiscoCisco Industrial Netwo...9.9CRITICAL

Cisco IND Vulnerability Could Allow Local Attacker to Read Sensitive Information

CVE-2023-20039

CiscoCisco Industrial Netwo...5.5MEDIUM

Cisco Prime Collaboration Deployment vulnerability: Un authenticated remote attacker can conduct cross-site scripting attack

CVE-2023-20060

CiscoCisco Prime Collaborat...6.1MEDIUM

Cisco TelePresence CE and RoomOS Vulnerability: Elevated Privileges for Authenticated Attackers

CVE-2023-20090

CiscoCisco Roomos Software6.7MEDIUM

Cisco TelePresence CE and RoomOS Vulnerability Allows Arbitrary File Overwriting

CVE-2023-20091

CiscoCisco Telepresence End...5.1MEDIUM

Three Vulnerabilities in CLI of Cisco TelePresence CE and RoomOS Could Allow Local Attacker to Overwrite Arbitrary Files

CVE-2023-20092

CiscoCisco Roomos Software4.4MEDIUM

Arbitrary File Overwriting Vulnerabilities in Cisco TelePresence CE and RoomOS

CVE-2023-20093

CiscoCisco Roomos Software4.4MEDIUM

Unauthorized Access to Sensitive Information on Cisco Webex Desk Hub Devices

CVE-2023-20094

CiscoCisco Roomos Software4.3MEDIUM

Unauthenticated Remote Attacker Could Exhaust System Resources and Cause Denial of Service

CVE-2023-20125

CiscoCisco Broadworks8.6HIGH

Cisco Modeling Labs External Authentication Vulnerability

CVE-2023-20154

CiscoCisco Modeling Labs9.1CRITICAL

Cisco IOS and IOS XE Vulnerability: SNMP ACL Implementation Flaw Allows Unauthorized Access

CVE-2024-20373

CiscoCisco iOS Xe Catalyst ...5.3MEDIUM

November 6

Stored XSS Vulnerability in Cisco AsyncOS Software Could Allow Authenticated Attackers to Steal Sensitive Information

CVE-2024-20504

Cisco

Cisco ISE Web-Based Management Interface Vulnerability

CVE-2024-20539

CiscoIdentity Services Engine4.8MEDIUM

Cisco ISE Vulnerability Allows Authenticated Attackers to Bypass Authorization Mechanisms

CVE-2024-20537

CiscoIdentity Services Engine6.5MEDIUM

Cisco ISE Web-Based Management Interface Vulnerability

CVE-2024-20538

CiscoIdentity Services Engine6.1MEDIUM

Cisco Web UI Vulnerability Could Lead to Stored Cross-Site Scripting Attacks

CVE-2024-20534

Cisco

Command Injection Vulnerability in Cisco Unified Industrial Wireless Software Could Allow Remote Root Access

CVE-2024-20418

CiscoCisco Aironet Access P...😄👾10CRITICAL

Cisco ISE Vulnerability Could Allow Remote Access to Sensitive Files

CVE-2024-20531

CiscoIdentity Services Engine6.5MEDIUM

Cisco ISE API Vulnerability Allows Remote File Read and Delete

CVE-2024-20532

Cisco

Cisco Desk Phone and IP Phone Vulnerabilities

CVE-2024-20533

Cisco

Cisco Nexus Dashboard Fabric Controller Vulnerability Could Allow Arbitrary SQL Commands

CVE-2024-20536

CiscoCisco Data Center Netw...👾8.8HIGH

Cisco ISE API Vulnerability Allows Arbitrary File Access

CVE-2024-20527

Cisco

Cisco ISE API Vulnerability Allows File Uploads and Elevated Privileges

CVE-2024-20528

Cisco

Cisco Nexus 3550-F Switches Vulnerability

CVE-2024-20371

Cisco

Cisco EPNM and Prime Infrastructure Vulnerability Could Lead to Stored XSS Attacks

CVE-2024-20514

Cisco

Cisco ISE Web-Based Management Interface Vulnerable to XSS Attacks

CVE-2024-20525

CiscoIdentity Services Engine6.1MEDIUM

Cisco ISE API Vulnerability: Arbitrary File Read and Deletion Possible

CVE-2024-20529

Cisco

Cisco Meeting Management Vulnerability Allows Clear Text Sensitive Information Viewing

CVE-2024-20507

Cisco

Cisco Unified Communications Manager IM&P Logging Vulnerability: Unencrypted Credentials at Risk

CVE-2024-20457

Cisco

Cisco ECE Vulnerability Could Lead to Denial of Service

CVE-2024-20484

Cisco

Cisco ISE Stored XSS Vulnerability

CVE-2024-20487

Cisco

Cisco Unified Communications Manager Vulnerable to Cross-Site Scripting Attacks

CVE-2024-20511

Cisco