Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-03 | CVE-2020-3235 | Improper Input Validation vulnerability in multiple products A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. | 7.7 |
| 2020-06-03 | CVE-2020-3234 | Use of Hard-coded Credentials vulnerability in Cisco IOS A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated but low-privileged, local attacker to log in to the Virtual Device Server (VDS) of an affected device by using a set of default credentials. | 8.8 |
| 2020-06-03 | CVE-2020-3232 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the Simple Network Management Protocol (SNMP) implementation in Cisco ASR 920 Series Aggregation Services Router model ASR920-12SZ-IM could allow an authenticated, remote attacker to cause the device to reload. | 7.7 |
| 2020-06-03 | CVE-2020-3230 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from establishing new security associations. | 7.5 |
| 2020-06-03 | CVE-2020-3229 | Incorrect Authorization vulnerability in Cisco IOS XE A vulnerability in Role Based Access Control (RBAC) functionality of Cisco IOS XE Web Management Software could allow a Read-Only authenticated, remote attacker to execute commands or configuration changes as an Admin user. | 8.8 |
| 2020-06-03 | CVE-2020-3228 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. | 8.6 |
| 2020-06-03 | CVE-2020-3226 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 8.6 |
| 2020-06-03 | CVE-2020-3225 | Improper Input Validation vulnerability in Cisco IOS and IOS XE Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 8.6 |
| 2020-06-03 | CVE-2020-3224 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to inject IOS commands to an affected device. | 8.8 |
| 2020-06-03 | CVE-2020-3221 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |