Vulnerabilities > Cisco

DATE CVE VULNERABILITY TITLE RISK
2020-12-11 CVE-2020-27134 Information Exposure vulnerability in Cisco Jabber and Jabber for Mobile Platforms
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information.
network
low complexity
cisco CWE-200
critical
9.9
2020-12-11 CVE-2020-27133 Improper Privilege Management vulnerability in Cisco Jabber and Jabber for Mobile Platforms
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information.
network
low complexity
cisco CWE-269
critical
9.9
2020-12-11 CVE-2020-27132 Improper Privilege Management vulnerability in Cisco Jabber and Jabber for Mobile Platforms
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information.
network
low complexity
cisco CWE-269
critical
9.9
2020-12-11 CVE-2020-27127 Improper Privilege Management vulnerability in Cisco Jabber and Jabber for Mobile Platforms
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information.
network
low complexity
cisco CWE-269
critical
9.9
2020-11-18 CVE-2020-3586 OS Command Injection vulnerability in Cisco DNA Spaces: Connector
A vulnerability in the web-based management interface of Cisco DNA Spaces Connector could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device.
network
low complexity
cisco CWE-78
critical
9.8
2020-11-18 CVE-2020-3531 Missing Authentication for Critical Function vulnerability in Cisco IOT Field Network Director
A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to access the back-end database of an affected system.
network
low complexity
cisco CWE-306
critical
9.8
2020-11-18 CVE-2020-3482 Improper Privilege Management vulnerability in Cisco products
A vulnerability in the Traversal Using Relays around NAT (TURN) server component of Cisco Expressway software could allow an unauthenticated, remote attacker to bypass security controls and send network traffic to restricted destinations.
network
low complexity
cisco CWE-269
6.5
2020-11-18 CVE-2020-3471 Improper Synchronization vulnerability in Cisco Webex Meetings Server
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to maintain bidirectional audio despite being expelled from an active Webex session.
network
low complexity
cisco CWE-662
6.5
2020-11-18 CVE-2020-3470 Improper Input Validation vulnerability in Cisco products
Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges.
network
low complexity
cisco CWE-20
critical
9.8
2020-11-18 CVE-2020-3441 Unspecified vulnerability in Cisco Webex Meetings Server
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to view sensitive information from the meeting room lobby.
network
low complexity
cisco
5.3