Vulnerabilities > Cisco > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-12 | CVE-2020-16137 | Unspecified vulnerability in Cisco Unified IP Conference Station 7937G Firmware 1.4.4.0/1.4.5.7 A privilege escalation issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to reset the credentials for the SSH administrative console to arbitrary values. | 9.8 |
| 2020-07-31 | CVE-2020-3382 | Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager A vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. | 9.8 |
| 2020-07-31 | CVE-2020-3376 | Missing Authentication for Critical Function vulnerability in Cisco Data Center Network Manager A vulnerability in the Device Manager application of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions on an affected device. | 9.8 |
| 2020-07-31 | CVE-2020-3375 | Improper Input Validation vulnerability in Cisco IOS XE Sd-Wan and Sd-Wan A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. | 9.8 |
| 2020-07-31 | CVE-2020-3374 | Incorrect Authorization vulnerability in Cisco Sd-Wan A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization, enabling them to access sensitive information, modify the system configuration, or impact the availability of the affected system. | 9.9 |
| 2020-07-16 | CVE-2020-3357 | Improper Input Validation vulnerability in Cisco products A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device or cause the device to reload, resulting in a denial of service (DoS) condition. | 9.8 |
| 2020-07-16 | CVE-2020-3331 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco RV110W Wireless-N VPN Firewall and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. | 9.8 |
| 2020-07-16 | CVE-2020-3330 | Use of Hard-coded Credentials vulnerability in Cisco Rv110W Wireless-N VPN Firewall Firmware A vulnerability in the Telnet service of Cisco Small Business RV110W Wireless-N VPN Firewall Routers could allow an unauthenticated, remote attacker to take full control of the device with a high-privileged account. | 9.8 |
| 2020-07-16 | CVE-2020-3323 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. | 9.8 |
| 2020-07-16 | CVE-2020-3144 | Improper Authentication vulnerability in Cisco products A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, RV130 VPN Router, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary commands with administrative commands on an affected device. | 9.8 |