Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-26 | CVE-2022-20776 | Path Traversal vulnerability in Cisco Telepresence Collaboration Endpoint Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. | 6.7 |
| 2022-10-26 | CVE-2022-20811 | Path Traversal vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. | 7.2 |
| 2022-10-26 | CVE-2022-20822 | Improper Input Validation vulnerability in Cisco Identity Services Engine 3.1/3.2 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read and delete files on an affected device. | 8.1 |
| 2022-10-26 | CVE-2022-20933 | Unspecified vulnerability in Cisco products A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |
| 2022-10-26 | CVE-2022-20953 | Path Traversal vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. | 5.5 |
| 2022-10-26 | CVE-2022-20954 | Path Traversal vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. | 7.1 |
| 2022-10-26 | CVE-2022-20955 | Path Traversal vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. | 7.1 |
| 2022-10-26 | CVE-2022-20959 | Cross-site Scripting vulnerability in Cisco Identity Services Engine A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 5.4 |
| 2022-10-10 | CVE-2022-20830 | Missing Authentication for Critical Function vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC without authentication. | 5.3 |
| 2022-10-10 | CVE-2022-20837 | Improper Check for Unusual or Exceptional Conditions vulnerability in Cisco IOS XE A vulnerability in the DNS application layer gateway (ALG) functionality that is used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 8.6 |