Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-15 | CVE-2022-20683 | Out-of-bounds Write vulnerability in Cisco IOS XE A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |
| 2022-04-15 | CVE-2022-20684 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. | 6.5 |
| 2022-04-15 | CVE-2022-20692 | Resource Exhaustion vulnerability in Cisco IOS XE A vulnerability in the NETCONF over SSH feature of Cisco IOS XE Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. | 6.5 |
| 2022-04-15 | CVE-2022-20693 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. | 7.2 |
| 2022-04-15 | CVE-2022-20694 | Reachable Assertion vulnerability in Cisco IOS XE A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condition. | 6.8 |
| 2022-04-15 | CVE-2022-20695 | Improper Authentication vulnerability in Cisco products A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to bypass authentication controls and log in to the device through the management interface This vulnerability is due to the improper implementation of the password validation algorithm. | 10.0 |
| 2022-04-15 | CVE-2022-20697 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS and IOS XE A vulnerability in the web services interface of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. | 8.6 |
| 2022-04-15 | CVE-2022-20714 | Out-of-bounds Read vulnerability in Cisco IOS XR A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. | 8.6 |
| 2022-04-15 | CVE-2022-20716 | Unspecified vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. | 7.8 |
| 2022-04-15 | CVE-2022-20717 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Sd-Wan Vedge Router 20.7 A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. | 5.5 |