Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-10 | CVE-2022-20864 | Unspecified vulnerability in Cisco IOS XE ROM Monitor A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. low complexity cisco | 4.6 |
| 2022-10-10 | CVE-2022-20870 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the egress MPLS packet processing function of Cisco IOS XE Software for Cisco Catalyst 3650, Catalyst 3850, and Catalyst 9000 Family Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 8.6 |
| 2022-10-10 | CVE-2022-20915 | Interpretation Conflict vulnerability in Cisco IOS XE A vulnerability in the implementation of IPv6 VPN over MPLS (6VPE) with Zone-Based Firewall (ZBFW) of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 7.4 |
| 2022-10-10 | CVE-2022-20920 | Improper Handling of Exceptional Conditions vulnerability in Cisco IOS A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. | 7.7 |
| 2022-10-10 | CVE-2022-20944 | Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XE A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. | 6.8 |
| 2022-09-30 | CVE-2022-20662 | Improper Authentication vulnerability in Cisco DUO 1.1.0/1.1.1/2.0 A vulnerability in the smart card login authentication of Cisco Duo for macOS could allow an unauthenticated attacker with physical access to bypass authentication. | 6.8 |
| 2022-09-30 | CVE-2022-20728 | Unspecified vulnerability in Cisco products A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. low complexity cisco | 4.7 |
| 2022-09-30 | CVE-2022-20769 | Out-of-bounds Write vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
| 2022-09-30 | CVE-2022-20775 | Path Traversal vulnerability in Cisco products Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. | 7.8 |
| 2022-09-30 | CVE-2022-20810 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the Simple Network Management Protocol (SNMP) of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensitive information. | 6.5 |