Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-06 | CVE-2020-3590 | Cross-site Scripting vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. | 6.4 |
| 2020-11-06 | CVE-2020-3588 | Path Traversal vulnerability in Cisco Webex Meetings A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. | 7.8 |
| 2020-11-06 | CVE-2020-3587 | Cross-site Scripting vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. | 6.4 |
| 2020-11-06 | CVE-2020-3579 | Cross-site Scripting vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2020-11-06 | CVE-2020-3574 | Unspecified vulnerability in Cisco products A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. | 7.5 |
| 2020-11-06 | CVE-2020-3573 | Improper Initialization vulnerability in Cisco Webex Meetings and Webex Meetings Server Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. | 7.8 |
| 2020-11-06 | CVE-2020-3556 | Unspecified vulnerability in Cisco Anyconnect Secure Mobility Client 4.9(3052)/98.145(86) A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. | 7.3 |
| 2020-11-06 | CVE-2020-3551 | Cross-site Scripting vulnerability in Cisco Identity Services Engine 2.6/2.7 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
| 2020-11-06 | CVE-2020-3444 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the packet filtering features of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. | 5.0 |
| 2020-11-06 | CVE-2020-3371 | OS Command Injection vulnerability in Cisco Integrated Management Controller 3.0(1C) A vulnerability in the web UI of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary code and execute arbitrary commands at the underlying operating system level. | 8.8 |