Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-04 | CVE-2020-3185 | Cross-site Scripting vulnerability in Cisco Telepresence Management Suite A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 3.5 |
| 2020-03-04 | CVE-2020-3182 | Information Exposure vulnerability in Cisco Webex Meetings 40.1.8.5 A vulnerability in the multicast DNS (mDNS) protocol configuration of Cisco Webex Meetings Client for MacOS could allow an unauthenticated adjacent attacker to obtain sensitive information about the device on which the Webex client is running. | 3.3 |
| 2020-03-04 | CVE-2020-3181 | Resource Exhaustion vulnerability in Cisco Email Security Appliance A vulnerability in the malware detection functionality in Cisco Advanced Malware Protection (AMP) in Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated remote attacker to exhaust resources on an affected device. | 6.4 |
| 2020-03-04 | CVE-2020-3176 | OS Command Injection vulnerability in Cisco products A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. | 7.2 |
| 2020-03-04 | CVE-2020-3164 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. | 5.0 |
| 2020-03-04 | CVE-2020-3157 | Cross-site Scripting vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. | 3.5 |
| 2020-03-04 | CVE-2020-3155 | Improper Certificate Validation vulnerability in Cisco products A vulnerability in the SSL implementation of the Cisco Intelligent Proximity solution could allow an unauthenticated, remote attacker to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints if the products meet the conditions described in the Vulnerable Products section. | 5.8 |
| 2020-03-04 | CVE-2020-3148 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Network Registrar A vulnerability in the web-based interface of Cisco Prime Network Registrar (CPNR) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 4.3 |
| 2020-03-04 | CVE-2020-3128 | Improper Input Validation vulnerability in Cisco products Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. | 9.3 |
| 2020-03-04 | CVE-2020-3127 | Improper Input Validation vulnerability in Cisco products Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. | 9.3 |