Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-02 | CVE-2024-20491 | Information Exposure Through Log Files vulnerability in Cisco products A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because remote controller credentials are recorded in an internal log that is stored in the tech support file. | 8.6 |
| 2024-10-02 | CVE-2024-20492 | Command Injection vulnerability in Cisco Telepresence Video Communication Server A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 6.7 |
| 2024-10-02 | CVE-2024-20515 | Missing Encryption of Sensitive Data vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability is due to a lack of proper data protection mechanisms for certain configuration settings. | 6.5 |
| 2024-10-02 | CVE-2024-20516 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. | 6.8 |
| 2024-10-02 | CVE-2024-20517 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. | 6.8 |
| 2024-10-02 | CVE-2024-20518 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. | 9.1 |
| 2024-10-02 | CVE-2024-20519 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. | 9.1 |
| 2024-10-02 | CVE-2024-20520 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. | 9.1 |
| 2024-10-02 | CVE-2024-20521 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. | 9.1 |
| 2024-10-02 | CVE-2024-20522 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. | 6.8 |