Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-18 | CVE-2020-26080 | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the user management functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to manage user information for users in different domains on an affected system. | 4.0 |
| 2020-11-18 | CVE-2020-26079 | Insufficiently Protected Credentials vulnerability in Cisco IOT Field Network Director A vulnerability in the web UI of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to obtain hashes of user passwords on an affected device. | 4.0 |
| 2020-11-18 | CVE-2020-26078 | Path Traversal vulnerability in Cisco IOT Field Network Director A vulnerability in the file system of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to overwrite files on an affected system. | 5.5 |
| 2020-11-18 | CVE-2020-26077 | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the access control functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to view lists of users from different domains that are configured on an affected system. | 4.0 |
| 2020-11-18 | CVE-2020-26076 | Information Exposure vulnerability in Cisco IOT Field Network Director A vulnerability in Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive database information on an affected device. | 5.0 |
| 2020-11-18 | CVE-2020-26075 | SQL Injection vulnerability in Cisco IOT Field Network Director A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to gain access to the back-end database of an affected device. | 9.0 |
| 2020-11-18 | CVE-2020-26072 | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the SOAP API of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to access and modify information on devices that belong to a different domain. | 5.5 |
| 2020-11-18 | CVE-2020-26068 | Authorization Bypass Through User-Controlled Key vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. | 6.5 |
| 2020-11-17 | CVE-2020-27131 | Deserialization of Untrusted Data vulnerability in Cisco Security Manager Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. | 9.8 |
| 2020-11-17 | CVE-2020-27130 | Unspecified vulnerability in Cisco Security Manager A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to gain access to sensitive information. | 9.1 |