Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-27 | CVE-2020-3504 | Resource Exhaustion vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. | 3.3 |
| 2020-08-27 | CVE-2020-3454 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges on the underlying operating system (OS). | 9.0 |
| 2020-08-27 | CVE-2020-3415 | Out-of-bounds Write vulnerability in Cisco Nx-Os A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. | 7.9 |
| 2020-08-27 | CVE-2020-3398 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down. | 4.3 |
| 2020-08-27 | CVE-2020-3397 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. | 7.1 |
| 2020-08-27 | CVE-2020-3394 | Missing Authorization vulnerability in Cisco Nx-Os A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. | 7.2 |
| 2020-08-27 | CVE-2020-3338 | Improper Handling of Exceptional Conditions vulnerability in Cisco Nx-Os A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 5.0 |
| 2020-08-26 | CVE-2020-3523 | Cross-site Scripting vulnerability in Cisco Data Center Network Manager A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 5.4 |
| 2020-08-26 | CVE-2020-3522 | Incorrect Authorization vulnerability in Cisco Data Center Network Manager A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to bypass authorization on an affected device and access sensitive information that is related to the device. | 6.3 |
| 2020-08-26 | CVE-2020-3521 | Improper Input Validation vulnerability in Cisco Data Center Network Manager A vulnerability in a specific REST API of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. | 6.5 |