Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-24 | CVE-2020-3489 | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. | 7.4 |
| 2020-09-24 | CVE-2020-3488 | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. | 7.4 |
| 2020-09-24 | CVE-2020-3486 | Improper Input Validation vulnerability in Cisco IOS XE Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. | 6.5 |
| 2020-09-24 | CVE-2020-3475 | Improper Input Validation vulnerability in Cisco IOS Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. | 8.1 |
| 2020-09-24 | CVE-2020-3429 | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1S A vulnerability in the WPA2 and WPA3 security implementation of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause denial of service (DoS) condition on an affected device. | 6.5 |
| 2020-09-24 | CVE-2020-3426 | Improper Input Validation vulnerability in Cisco IOS A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. | 9.1 |
| 2020-09-24 | CVE-2020-3393 | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 A vulnerability in the application-hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. | 7.8 |
| 2020-09-24 | CVE-2020-3390 | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) condition on an affected device. | 7.4 |
| 2020-09-24 | CVE-2020-3359 | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 A vulnerability in the multicast DNS (mDNS) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 8.6 |
| 2020-09-24 | CVE-2020-6020 | Improper Input Validation vulnerability in Checkpoint ICA Management Portal Check Point Security Management's Internal CA web management before Jumbo HFAs R80.10 Take 278, R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38, can be manipulated to run commands as a high privileged user or crash, due to weak input validation on inputs by a trusted management administrator. | 6.4 |