Vulnerabilities > Cisco > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-03 | CVE-2022-20757 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Threat Defense A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
2022-05-03 | CVE-2022-20759 | Improper Privilege Management vulnerability in Cisco Firepower Threat Defense A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. | 8.8 |
2022-05-03 | CVE-2022-20760 | Resource Exhaustion vulnerability in Cisco Firepower Threat Defense A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. | 7.5 |
2022-05-03 | CVE-2022-20767 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Threat Defense A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
2022-04-21 | CVE-2022-20732 | Incorrect Default Permissions vulnerability in Cisco Virtualized Infrastructure Manager 3.6.0/4.0.0 A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager (VIM) could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. | 7.8 |
2022-04-21 | CVE-2022-20773 | Use of Hard-coded Credentials vulnerability in Cisco Umbrella A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. | 8.1 |
2022-04-21 | CVE-2022-20783 | Improper Input Validation vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
2022-04-21 | CVE-2022-20786 | SQL Injection vulnerability in Cisco Unified Communications Manager IM and Presence Service A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 8.1 |
2022-04-21 | CVE-2022-20795 | Insufficient Verification of Data Authenticity vulnerability in Cisco Adaptive Security Appliance A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. | 7.5 |
2022-04-15 | CVE-2022-20622 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Aironet Access Point Software A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. | 7.5 |