Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-27 | CVE-2022-20674 | Cross-site Scripting vulnerability in Cisco Common Services Platform Collector Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2022-05-27 | CVE-2022-20765 | Cross-site Scripting vulnerability in Cisco UCS Director A vulnerability in the web applications of Cisco UCS Director could allow an authenticated, remote attacker to conduct a cross-site scripting attack on an affected system. | 4.8 |
| 2022-05-27 | CVE-2022-20797 | OS Command Injection vulnerability in Cisco Secure Network Analytics 2.1.1/7.4.1 A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. | 9.1 |
| 2022-05-27 | CVE-2022-20802 | Cross-site Scripting vulnerability in Cisco Enterprise Chat and Email A vulnerability in the web interface of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 5.4 |
| 2022-05-27 | CVE-2022-20806 | Information Exposure Through Log Files vulnerability in Cisco Telepresence Video Communication Server Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. | 7.1 |
| 2022-05-27 | CVE-2022-20807 | Information Exposure Through Log Files vulnerability in Cisco Telepresence Video Communication Server Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. | 6.5 |
| 2022-05-26 | CVE-2022-20809 | Information Exposure Through Log Files vulnerability in Cisco Telepresence Video Communication Server Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. | 6.5 |
| 2022-05-26 | CVE-2022-20821 | Unspecified vulnerability in Cisco IOS XR A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. | 6.5 |
| 2022-05-04 | CVE-2022-20734 | Information Exposure vulnerability in Cisco Catalyst Sd-Wan Manager A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system. | 4.4 |
| 2022-05-04 | CVE-2022-20753 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. | 7.2 |