Vulnerabilities > Cisco > Low

DATE CVE VULNERABILITY TITLE RISK
2023-05-18 CVE-2023-20106 Unspecified vulnerability in Cisco Identity Services Engine 3.1/3.2
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system.
network
low complexity
cisco
3.8
2021-10-06 CVE-2021-34758 Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint
A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory segment, resulting in a denial of service (DoS) condition.
local
low complexity
cisco CWE-732
3.3
2021-05-22 CVE-2021-1306 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Cisco Identity Services Engine
A vulnerability in the restricted shell of Cisco Evolved Programmable Network (EPN) Manager, Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to identify directories and write arbitrary files to the file system.
local
low complexity
cisco CWE-610
3.4
2021-05-11 CVE-2020-24588 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated.
3.5
2021-05-11 CVE-2020-24587 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key.
2.6
2021-02-04 CVE-2021-1354 Unspecified vulnerability in Cisco Unified Computing System Central Software
A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS) Central Software could allow an authenticated, adjacent attacker to register a rogue Cisco Unified Computing System Manager (UCSM).
low complexity
cisco
3.5
2020-10-21 CVE-2020-3585 Information Exposure Through Discrepancy vulnerability in Cisco products
A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information.
network
high complexity
cisco CWE-203
3.7
2020-08-27 CVE-2020-3504 Resource Exhaustion vulnerability in Cisco Firepower Extensible Operating System and Nx-Os
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device.
local
low complexity
cisco CWE-400
3.3
2020-06-03 CVE-2020-3319 Improper Input Validation vulnerability in Cisco Webex Network Recording Player and Webex Player
A vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Microsoft Windows could allow an attacker to cause a process crash resulting in a Denial of service (DoS) condition for the player application on an affected system.
local
low complexity
cisco CWE-20
3.3
2020-06-03 CVE-2020-3321 Improper Input Validation vulnerability in Cisco Webex Network Recording Player and Webex Player
A vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Microsoft Windows could allow an attacker to cause a process crash resulting in a Denial of service (DoS) condition for the player application on an affected system.
local
low complexity
cisco CWE-20
3.3