Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-14 | CVE-2023-37464 | Unspecified vulnerability in Cisco Cjose OpenIDC/cjose is a C library implementing the Javascript Object Signing and Encryption (JOSE). | 7.5 |
| 2023-07-12 | CVE-2023-20185 | Inadequate Encryption Strength vulnerability in Cisco Nx-Os A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, remote attacker to read or modify intersite encrypted traffic. This vulnerability is due to an issue with the implementation of the ciphers that are used by the CloudSec encryption feature on affected switches. | 7.4 |
| 2023-06-28 | CVE-2023-20006 | Incorrect Conversion between Numeric Types vulnerability in Cisco products A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to an implementation error within the cryptographic functions for SSL/TLS traffic processing when they are offloaded to the hardware. | 7.5 |
| 2023-06-28 | CVE-2023-20108 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Unified Communications Manager IM and Presence Service 12.5(1)/14Su A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to cause a temporary service outage for all Cisco Unified CM IM&P users who are attempting to authenticate to the service, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input. | 7.5 |
| 2023-06-28 | CVE-2023-20178 | Incorrect Default Permissions vulnerability in Cisco Anyconnect Secure Mobility Client and Secure Client A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. | 7.8 |
| 2023-06-28 | CVE-2023-20192 | Unspecified vulnerability in Cisco Telepresence Video Communication Server Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated attacker with Administrator-level read-only credentials to elevate their privileges to Administrator with read-write credentials on an affected system. | 7.7 |
| 2023-05-18 | CVE-2023-20003 | Missing Authentication for Critical Function vulnerability in Cisco products A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. | 8.8 |
| 2023-05-18 | CVE-2023-20024 | Classic Buffer Overflow vulnerability in Cisco products Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. | 7.5 |
| 2023-05-18 | CVE-2023-20163 | OS Command Injection vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 7.2 |
| 2023-05-18 | CVE-2023-20164 | OS Command Injection vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. | 7.2 |