Cisco Latest Vulnerabilities

September 11

Vulnerability in Cisco IOS XR Software Could Lead to UDP Packet Memory Exhaustion and DoS Conditions

CVE-2024-20304
CiscoCisco iOS Xr Software๐Ÿ‘พ8.6HIGH

Cisco IOS XR Software Vulnerability Could Allow Access to MongoDB Credentials

CVE-2024-20489
CiscoCisco iOS Xr Software๐Ÿ‘พ8.4HIGH

Cisco Routed PON Controller Software Vulnerabilities Allow Command Injection and Root Access

CVE-2024-20483
CiscoCisco iOS Xr Software๐Ÿ‘พ7.2HIGH

Cisco IOS XR Software Vulnerability Could Lead to Denial of Service

CVE-2024-20406
CiscoCisco iOS Xr Software๐Ÿ‘พ7.4HIGH

Cisco ConfD JSON-RPC API Vulnerability Could Allow Remote Authenticated Attacker to Modify Configuration

CVE-2024-20381
CiscoCisco iOS Xr Software๐Ÿ‘พ8.8HIGH

Cisco IOS XR Software Vulnerability Could Lead to Denial of Service

CVE-2024-20317
CiscoCisco iOS Xr Software๐Ÿ‘พ7.4HIGH

Cisco IOS XR Software Vulnerability Allows Elevation of Privileges

CVE-2024-20398
CiscoCisco iOS Xr Software๐Ÿ‘พ8.8HIGH

Cisco IOS XR Software Vulnerability Could Lead to Denial of Service on XML TCP Port 38751

CVE-2024-20390
CiscoCisco iOS Xr Software๐Ÿ‘พ5.3MEDIUM

Cisco IOS XR Software Vulnerability Allows Read-Only Access to Linux File System

CVE-2024-20343
CiscoCisco iOS Xr Software๐Ÿ‘พ5.5MEDIUM

September 4

Critical Vulnerability in Clam AntiVirus Could Allow Local Attacker to Corrupt System Files

CVE-2024-20506
CiscoClamav6.1MEDIUM

ClamAV Vulnerability Could Lead to Denial of Service

CVE-2024-20505
CiscoClamav7.5HIGH

CVE-2024-20503
CiscoDuo Authentication For...5.5MEDIUM

Unauthenticated Remote Attackers Can Log in to Cisco Systems with Administrative Privileges

CVE-2024-20439
CiscoCisco Smart License Ut...๐Ÿ‘พ9.8CRITICAL

Cisco Smart Licensing Utility Information Disclosure Vulnerability

CVE-2024-20440
CiscoCisco Smart License Ut...๐Ÿ‘พ7.5HIGH

Cisco Identity Services Engine Command Injection Vulnerability

CVE-2024-20469
CiscoCisco Identity Service...๐Ÿ‘พ6MEDIUM

August 28

Cisco NX-OS Software Vulnerability: Elevated Privileges for Authenticated Attackers

CVE-2024-20413
CiscoCisco Nx-os Software๐Ÿ‘พ6.7MEDIUM

Cisco NX-OS Software Vulnerability Allows Low-Privileged Attackers to Escape Python Sandbox and Access Underlying OS

CVE-2024-20286
Cisco

Vulnerability in Cisco APIC Could Allow Attacker to Disrupt Network Traffic

CVE-2024-20279
Cisco

Vulnerability in Python Interpreter Could Lead to Unauthorized Access

CVE-2024-20285
Cisco

Cisco NX-OS Software Vulnerability: Elevated Privileges with Authenticated Attack

CVE-2024-20284
Cisco

Cisco APIC Vulnerability Could Lead to Arbitrary Code Injection

CVE-2024-20478
CiscoCisco Application Poli...๐Ÿ‘พ6.5MEDIUM

Cisco NX-OS Software Vulnerability Allows Arbitrary Command Execution

CVE-2024-20289
Cisco

Cisco NX-OS Software Vulnerability Could Lead to Denial of Service

CVE-2024-20446
Cisco

Cisco NX-OS Software Vulnerability Allows Arbitrary Code Execution as Root

CVE-2024-20411
CiscoCisco Nx-os Software๐Ÿ‘พ6.7MEDIUM

August 21

Blind SQL Injection Vulnerabilities in Cisco ISE REST API

CVE-2024-20417
CiscoCisco Identity Service...๐Ÿ‘พ6.5MEDIUM

Cisco ISE Vulnerability Allows Attacker to Obtain Sensitive Information

CVE-2024-20466
CiscoCisco Identity Service...๐Ÿ‘พ6.5MEDIUM

Cisco ISE Vulnerability: Arbitrary Actions Possible via CSRF

CVE-2024-20486
CiscoCisco Identity Service...๐Ÿ‘พ6.5MEDIUM

Cisco Unified Communications Manager Vulnerable to Cross-Site Scripting Attacks

CVE-2024-20488
CiscoCisco Unified Communic...๐Ÿ‘พ6.1MEDIUM

Cisco Unified CM/SME Vulnerability Could Lead to Denial of Service

CVE-2024-20375
CiscoCisco Unified Communic...๐Ÿ‘พ8.6HIGH

August 7

Unauthorized Remote Attack on IP Phones Could Cause Device Reload

CVE-2024-20451
CiscoCisco Small Business I...๐Ÿ‘พ7.5HIGH

Unauthenticated Remote Attackers Could Execute Arbitrary Commands with Root Privileges

CVE-2024-20454
CiscoCisco Small Business I...๐Ÿ‘พ9.8CRITICAL

Unauthorized Remote Execution of Arbitrary Commands on Cisco Small Business IP Phones

CVE-2024-20450
CiscoCisco Small Business I...๐Ÿ‘พ9.8CRITICAL

Cisco ISE Web-Based Management Interface Vulnerability

CVE-2024-20479
CiscoCisco Identity Service...๐Ÿ‘พ4.8MEDIUM

Cisco ISE Web-Based Management Interface Vulnerability: XSS Attack Possible

CVE-2024-20443
CiscoCisco Adaptive Securit...๐Ÿ‘พ5.4MEDIUM

July 17

Cisco Webex App Vulnerability Allows Unauthorized Access to Sensitive Information

CVE-2024-20396
CiscoCisco Webex Teams๐Ÿ‘พ5.3MEDIUM

Unsecured Media Retrieval Vulnerability in Cisco Webex App Could Allow Access to Sensitive Session Information

CVE-2024-20395
CiscoCisco Webex Teams๐Ÿ‘พ6.4MEDIUM

Attacker Could Redirect Users to Malicious Web Page via Cisco Expressway Series Vulnerability

CVE-2024-20400
CiscoCisco Telepresence Vid...๐Ÿ‘พ4.7MEDIUM

Cisco AsyncOS for Secure Email Gateway Vulnerability Could Lead to Arbitrary System Command Execution

CVE-2024-20429
CiscoCisco Secure Email๐Ÿ‘พ6.5MEDIUM

Cisco RV340/RV345 Vulnerability: Arbitrary Code Execution via HTTP Requests

CVE-2024-20416
CiscoCisco Small Business R...๐Ÿ‘พ6.5MEDIUM

Cisco iNode Software Vulnerability Could Allow Hijacking of TLS Connections and Denial of Service

CVE-2024-20323
CiscoCisco Intelligent Node...๐Ÿ‘พ7.5HIGH

Cisco ISE Vulnerability Allows Arbitrary File Upload and RootElevation

CVE-2024-20296
CiscoCisco Identity Service...๐Ÿ‘พ4.7MEDIUM

Cisco AsyncOS for Secure Web Appliance Vulnerability: Arbitrary Command Execution and Privilege Escalation

CVE-2024-20435
CiscoCisco Secure Web Appli...๐Ÿ‘พ8.8HIGH

Unauthenticated Password Change Vulnerability in Cisco SSM On-Prem

CVE-2024-20419
CiscoCisco Smart Software M...๐Ÿ‘พ10CRITICAL

Cisco Secure Email Gateway Vulnerability: Arbitrary File Overwrite Confirmed

CVE-2024-20401
CiscoCisco Secure Email๐Ÿ‘พ9.8CRITICAL

July 10

Cisco IOS XR Software Vulnerability Could Allow Local Attacker to Bypass Secure Boot and Load Unverified Software

CVE-2024-20456
CiscoCisco iOS Xr Software๐Ÿ‘พ6.7MEDIUM

July 1

Cisco NX-OS Software Vulnerability: Arbitrary Command Execution as Root

CVE-2024-20399
CiscoCisco Nx-os Software๐Ÿ‘พ6.7MEDIUM

June 17

Cisco Firepower Threat Defense System Vulnerability

CVE-2024-1469
Cisco

June 5

CVE-2024-20405
CiscoCisco Unified Contact ...๐Ÿ‘พ6.1MEDIUM

Cisco Finesse Vulnerability Could Lead to SSRF Attacks

CVE-2024-20404
CiscoFinesse5.3MEDIUM

May 22

Cisco Firepower Management Center Software Vulnerability: SQL Injection Attacks Possible

CVE-2024-20360
CiscoFirepower Management C...๐Ÿ‘พ8.8HIGH

CVE-2024-20361
CiscoCisco Firepower Manage...๐Ÿ‘พ5.8MEDIUM

Cisco Firepower Management Center Software Vulnerability: SQL Injection Attacks Possible

CVE-2023-20239
CiscoCisco Firepower Manage...๐Ÿ‘พ8.8HIGH

May 16

Arbitrary File Read and Write Vulnerability in Cisco ConfD and Crosswork Network Services Orchestrator CLI

CVE-2024-20389
CiscoCisco Confd๐Ÿ‘พ7.8HIGH

Arbitrary File Read and Write Vulnerability in Cisco ConfD and Crosswork Network Services Orchestrator CLI

CVE-2024-20326
CiscoCisco Confd๐Ÿ‘พ7.8HIGH

May 15

Cisco AsyncOS Software Vulnerability Could Lead to XSS Attacks

CVE-2024-20383
CiscoCisco Secure Email And...๐Ÿ‘พ4.8MEDIUM

Cisco Secure Email Gateway Vulnerability Could Lead to XSS Attacks

CVE-2024-20257
CiscoCisco Secure Email๐Ÿ‘พ4.8MEDIUM

Cisco AsyncOS Software Vulnerability Could Lead to XSS Attacks

CVE-2024-20256
CiscoCisco Secure Web Appli...๐Ÿ‘พ4.8MEDIUM

Cisco AsyncOS Software Vulnerability Could Lead to XSS Attacks

CVE-2024-20258
CiscoCisco Secure Email๐Ÿ‘พ6.1MEDIUM

Cisco NSO Vulnerability Allows Elevation of Privileges

CVE-2024-20366
CiscoCisco Network Services...๐Ÿ‘พ7.8HIGH

Unauthenticated Privilege Elevation Vulnerability in Cisco NAM Could Allow Attacker to Execute Arbitrary Code with SYSTEM Privileges

CVE-2024-20391
CiscoCisco Secure Client๐Ÿ‘พ6.8MEDIUM

Cisco NSO Vulnerability: Unauthenticated Remote Redirection to Malicious Website

CVE-2024-20369
CiscoCisco Network Services...๐Ÿ‘พ4.7MEDIUM

Cisco Secure Email Gateway Vulnerability Could Lead to XSS Attacks

CVE-2024-20392
CiscoCisco Secure Email๐Ÿ‘พ6.1MEDIUM

Unauthenticated Local Attackers Can Cause Denial of Service on Cisco AppDynamics Network Visibility Agent

CVE-2024-20394
CiscoCisco Appdynamics๐Ÿ‘พ5.5MEDIUM

May 1

Cisco IP Phone Firmware Vulnerability Could Lead to DoS Condition

CVE-2024-20376
CiscoCisco Ip Phones With M...๐Ÿ‘พ7.5HIGH

Unauthorized Access to Sensitive Information in Cisco IP Phone Firmware

CVE-2024-20378
CiscoCisco Ip Phones With M...๐Ÿ‘พ7.5HIGH

Unauthenticated Remote Attacker Could Initiate Calls on Affected Devices via XML Service Vulnerability

CVE-2024-20357
CiscoCisco Ip Phones With M...๐Ÿ‘พ5.9MEDIUM

April 24

Cisco TelePresence Management Suite Software Vulnerability Could Lead to Cross-Site Scripting Attacks

CVE-2023-20249
CiscoCisco Telepresence Man...5.4MEDIUM

Cisco TelePresence Management Suite Software Vulnerability Could Lead to Cross-Site Scripting Attacks

CVE-2023-20248
CiscoCisco Telepresence Man...๐Ÿ‘พ

Cisco IOS XE Software Vulnerability Could Lead to Unauthorized Reload and Denial of Service

CVE-2024-20313
CiscoCisco iOS Xe Software๐Ÿ‘พ7.4HIGH

Cisco IMC CLI Vulnerability Could Lead to Privilege Elevation

CVE-2024-20295
CiscoCisco Unified Computin...8.8HIGH

Cisco IMC Vulnerability Could Lead to Command Injection and Privilege Escalation

CVE-2024-20356
CiscoCisco Unified Computin...๐Ÿ‘พ8.7HIGH

Cisco ASA Restore Vulnerability Allows Arbitrary Command Execution

CVE-2024-20358
CiscoCisco Adaptive Securit...๐Ÿ‘พ6MEDIUM

Cisco ASA Software Vulnerability Allows Arbitrary Code Execution with Root Privileges

CVE-2024-20359
CiscoCisco Adaptive Securit...๐Ÿ‘พ6MEDIUM

Cisco ASA Software Vulnerability Could Lead to Denial of Service

CVE-2024-20353
CiscoCisco Adaptive Securit...๐Ÿ”ฅ๐Ÿ˜„๐Ÿ‘พ8.6HIGH

April 3

CVE-2024-20282
CiscoCisco Nexus Dashboard๐Ÿ‘พ6MEDIUM

Cisco Small Business Routers Vulnerable to Cross-Site Scripting Attacks

CVE-2024-20362
Cisco

CVE-2024-20310
CiscoCisco iOS Xe Software๐Ÿ‘พ6.1MEDIUM

CVE-2024-20352
CiscoCisco Emergency Responder๐Ÿ‘พ4.9MEDIUM

March 27

Cisco IOS Software and IOS XE Software Vulnerability: Heap Overflow Due to IKEv1 Fragmentation Code Flaw

CVE-2024-20307
CiscoIos6.8MEDIUM

Cisco IOS and IOS XE Vulnerability: Heap Underflow Due to IKEv1 Fragmentation Code Flaw

CVE-2024-20308
CiscoIos8.6HIGH

Cisco Access Point Software Vulnerability Could Lead to Denial of Service

CVE-2024-20271
CiscoCisco Aironet Access P...๐Ÿ‘พ8.6HIGH

Unauthenticated Attacker Could Bypass Cisco Secure Boot Validation and Load Tampered Image on Affected Device

CVE-2024-20265
CiscoCisco iOS Xe Software๐Ÿ‘พ5.9MEDIUM

Cisco IOS XE Software Vulnerability Could Lead to Device Reload or Denial of Service

CVE-2024-20309
CiscoCisco iOS Xe Software๐Ÿ‘พ5.6MEDIUM

Cisco IOS XE Software for Wireless LAN Controllers (WLCs) Vulnerability Could Lead to Denial of Service

CVE-2024-20303
CiscoCisco Ios Xe Software7.4HIGH

Cisco IOS XE Software Vulnerability: Elevation of Privileges

CVE-2024-20278
CiscoCisco iOS Xe Software๐Ÿ‘พ6.5MEDIUM

Cisco UTD Configuration CLI Vulnerability Allows Arbitrary Code Execution as Root

CVE-2024-20306
CiscoCisco Ios Xe Software6MEDIUM

Cisco IPv4 SD-Access Fabric Edge Node Vulnerability Could Lead to Denial of Service

CVE-2024-20314
CiscoCisco iOS Xe Software๐Ÿ‘พ8.6HIGH

Cisco IOS and IOS XE Vulnerability Could Lead to Denial of Service

CVE-2024-20312
CiscoIos7.4HIGH

Cisco IOS XE Software Vulnerability Allows Access to WLAN Configuration Details Including Passwords

CVE-2024-20324
CiscoCisco iOS Xe Software๐Ÿ‘พ5.5MEDIUM

Cisco IOS XE Software Vulnerability Could Lead to Denial of Service

CVE-2024-20259
CiscoCisco iOS Xe Software๐Ÿ‘พ8.6HIGH

Cisco Catalyst 6000 Series Switches Vulnerability Could Lead to Unauthorized Reload and Denial of Service

CVE-2024-20276
CiscoIos7.4HIGH

Cisco IOS and IOS XE Software Vulnerability Could Lead to Device Reload and Denial of Service

CVE-2024-20311
CiscoiOS๐Ÿ‘พ8.6HIGH

Cisco IOS XE Software Vulnerability: Unauthorized Access to Protected Resources

CVE-2024-20316
CiscoCisco iOS Xe Software๐Ÿ‘พ5.8MEDIUM

Cisco Aironet AP Software Vulnerability Could Lead to Denial of Service

CVE-2024-20354
CiscoCisco Aironet Access P...4.7MEDIUM

Cisco Catalyst Center Vulnerability: Authenticated Attackers Can Modify Data

CVE-2024-20333
CiscoCisco Digital Network ...4.3MEDIUM

March 13

UDP Forwarding Vulnerability Allows Unauthorized Access to SNMP Server

CVE-2024-20319
CiscoCisco Ios Xr Software4.3MEDIUM

Vulnerability in Cisco IOS XR Software Could Lead to Denial of Service (DoS) Condition

CVE-2024-20262
CiscoCisco Ios Xr Software6.5MEDIUM

Cisco IOS XR Software Vulnerability Could Lead to Denial of Service

CVE-2024-20318
CiscoCisco Ios Xr Software7.4HIGH

Unauthenticated Remote Attackers Can Bypass Configured ACLs in Cisco IOS XR Software

CVE-2024-20315
CiscoCisco iOS Xr Software๐Ÿ‘พ5.8MEDIUM

Unauthenticated Remote Attackers Can Bypass Configured ACLs in Cisco IOS XR Software

CVE-2024-20322
CiscoCisco Ios Xr Software5.8MEDIUM