Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-10 | CVE-2022-20870 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the egress MPLS packet processing function of Cisco IOS XE Software for Cisco Catalyst 3650, Catalyst 3850, and Catalyst 9000 Family Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 8.6 |
| 2022-10-10 | CVE-2022-20915 | Interpretation Conflict vulnerability in Cisco IOS XE A vulnerability in the implementation of IPv6 VPN over MPLS (6VPE) with Zone-Based Firewall (ZBFW) of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 7.4 |
| 2022-10-10 | CVE-2022-20920 | Improper Handling of Exceptional Conditions vulnerability in Cisco IOS and IOS XE A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. | 7.7 |
| 2022-09-30 | CVE-2022-20775 | Path Traversal vulnerability in Cisco products Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. | 7.8 |
| 2022-09-30 | CVE-2022-20818 | Path Traversal vulnerability in Cisco products Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. | 7.8 |
| 2022-09-30 | CVE-2022-20847 | Resource Exhaustion vulnerability in Cisco IOS XE 17.3.3 A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2022-09-30 | CVE-2022-20848 | Resource Exhaustion vulnerability in Cisco IOS XE 17.6.1/17.6.3/17.9.1 A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2022-09-30 | CVE-2022-20850 | Improper Input Validation vulnerability in Cisco products A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. | 7.1 |
| 2022-09-30 | CVE-2022-20851 | OS Command Injection vulnerability in Cisco IOS XE 17.6.1 A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. | 7.2 |
| 2022-09-30 | CVE-2022-20856 | Unspecified vulnerability in Cisco IOS XE 17.3.4C A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |