Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-15 | CVE-2022-20622 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Aironet Access Point Software A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. | 7.5 |
| 2022-04-15 | CVE-2022-20678 | Improper Handling of Exceptional Conditions vulnerability in Cisco IOS XE A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.5 |
| 2022-04-15 | CVE-2022-20679 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the IPSec decryption routine of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.7 |
| 2022-04-15 | CVE-2022-20681 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate privileges to level 15 on an affected device. | 7.8 |
| 2022-04-15 | CVE-2022-20682 | NULL Pointer Dereference vulnerability in Cisco IOS XE A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |
| 2022-04-15 | CVE-2022-20683 | Out-of-bounds Write vulnerability in Cisco IOS XE A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |
| 2022-04-15 | CVE-2022-20693 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. | 7.2 |
| 2022-04-15 | CVE-2022-20697 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS and IOS XE A vulnerability in the web services interface of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. | 8.6 |
| 2022-04-15 | CVE-2022-20714 | Out-of-bounds Read vulnerability in Cisco IOS XR A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. | 8.6 |
| 2022-04-15 | CVE-2022-20716 | Unspecified vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. | 7.8 |