Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-30 | CVE-2022-20919 | Improper Handling of Exceptional Conditions vulnerability in Cisco IOS XE 17.9.1 A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. | 7.5 |
| 2022-09-30 | CVE-2022-20930 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. | 6.7 |
| 2022-09-30 | CVE-2022-20945 | Improper Input Validation vulnerability in Cisco products A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
| 2022-09-27 | CVE-2021-27853 | Authentication Bypass by Spoofing vulnerability in multiple products Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers. | 4.7 |
| 2022-09-08 | CVE-2022-20696 | Unspecified vulnerability in Cisco Sd-Wan Vmanage A vulnerability in the binding configuration of Cisco SD-WAN vManage Software containers could allow an unauthenticated, adjacent attacker who has access to the VPN0 logical network to also access the messaging service ports on an affected system. low complexity cisco | 8.8 |
| 2022-09-08 | CVE-2022-20863 | Unspecified vulnerability in Cisco Webex Teams A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. | 5.3 |
| 2022-09-08 | CVE-2022-20923 | Improper Authentication vulnerability in Cisco products A vulnerability in the IPSec VPN Server authentication functionality of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to bypass authentication controls and access the IPSec VPN network. | 9.8 |
| 2022-08-25 | CVE-2022-20823 | Out-of-bounds Read vulnerability in Cisco products A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |
| 2022-08-25 | CVE-2022-20824 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. | 8.8 |
| 2022-08-25 | CVE-2022-20865 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 6.7 |