Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-21 | CVE-2022-20804 | Improper Check for Unusual or Exceptional Conditions vulnerability in Cisco Unified Communications Manager A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, adjacent attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. | 6.5 |
| 2022-04-21 | CVE-2022-20805 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Cisco Umbrella Secure web Gateway A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG) could allow an authenticated, adjacent attacker to bypass the SSL decryption and content filtering policies on an affected system. | 4.1 |
| 2022-04-15 | CVE-2022-20622 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Aironet Access Point Software A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. | 7.5 |
| 2022-04-15 | CVE-2022-20661 | Improper Initialization vulnerability in Cisco IOS Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. | 4.6 |
| 2022-04-15 | CVE-2022-20676 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root-level privileges. | 6.7 |
| 2022-04-15 | CVE-2022-20677 | Inadequate Encryption Strength vulnerability in Cisco IOS 17.6.1 Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. | 6.7 |
| 2022-04-15 | CVE-2022-20678 | Improper Handling of Exceptional Conditions vulnerability in Cisco IOS XE A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.5 |
| 2022-04-15 | CVE-2022-20679 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the IPSec decryption routine of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.7 |
| 2022-04-15 | CVE-2022-20681 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate privileges to level 15 on an affected device. | 7.8 |
| 2022-04-15 | CVE-2022-20682 | NULL Pointer Dereference vulnerability in Cisco IOS XE A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |