Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-04 | CVE-2020-3498 | Improper Input Validation vulnerability in Cisco Jabber A vulnerability in Cisco Jabber software could allow an authenticated, remote attacker to gain access to sensitive information. | 6.5 |
| 2020-09-04 | CVE-2020-3495 | Improper Input Validation vulnerability in Cisco Jabber A vulnerability in Cisco Jabber for Windows could allow an authenticated, remote attacker to execute arbitrary code. | 8.8 |
| 2020-09-04 | CVE-2020-3478 | Improper Input Validation vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. | 8.1 |
| 2020-09-04 | CVE-2020-3473 | Incorrect Authorization vulnerability in Cisco IOS XR A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local CLI shell user to elevate privileges and gain full administrative control of the device. | 7.2 |
| 2020-09-04 | CVE-2020-3453 | Improper Input Validation vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. | 6.8 |
| 2020-09-04 | CVE-2020-3451 | Improper Input Validation vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. | 4.7 |
| 2020-09-04 | CVE-2020-3430 | OS Command Injection vulnerability in Cisco Jabber A vulnerability in the application protocol handling features of Cisco Jabber for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands. | 8.8 |
| 2020-09-04 | CVE-2020-3365 | Path Traversal vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform a directory traversal attack on a limited set of restricted directories. | 6.5 |
| 2020-08-29 | CVE-2020-3566 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco IOS XR 6.4.2 A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. | 8.6 |
| 2020-08-27 | CVE-2020-3517 | NULL Pointer Dereference vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. | 8.6 |