Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-28 | CVE-2023-20199 | Unspecified vulnerability in Cisco DUO 2.0.1 A vulnerability in Cisco Duo Two-Factor Authentication for macOS could allow an authenticated, physical attacker to bypass secondary authentication and access an affected macOS device. low complexity cisco | 6.6 |
| 2023-05-18 | CVE-2023-20003 | Missing Authentication for Critical Function vulnerability in Cisco products A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. | 8.8 |
| 2023-05-18 | CVE-2023-20024 | Classic Buffer Overflow vulnerability in Cisco products Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. | 7.5 |
| 2023-05-18 | CVE-2023-20077 | Path Traversal vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. | 6.5 |
| 2023-05-18 | CVE-2023-20087 | Path Traversal vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. | 6.5 |
| 2023-05-18 | CVE-2023-20106 | Unspecified vulnerability in Cisco Identity Services Engine 3.1/3.2 Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. | 3.8 |
| 2023-05-18 | CVE-2023-20110 | SQL Injection vulnerability in Cisco Smart Software Manager On-Prem A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 6.5 |
| 2023-05-18 | CVE-2023-20156 | Classic Buffer Overflow vulnerability in Cisco products Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. | 9.8 |
| 2023-05-18 | CVE-2023-20157 | Classic Buffer Overflow vulnerability in Cisco products Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. | 9.8 |
| 2023-05-18 | CVE-2023-20158 | Classic Buffer Overflow vulnerability in Cisco products Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. | 9.8 |