Vulnerabilities > Cisco > Low

DATE CVE VULNERABILITY TITLE RISK
2022-06-22 CVE-2022-20651 Information Exposure Through Log Files vulnerability in Cisco Adaptive Security Device Manager
A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker to view sensitive information in clear text on an affected system.
local
low complexity
cisco CWE-532
2.1
2022-06-15 CVE-2022-20664 Information Exposure vulnerability in Cisco Email Security Appliance
A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device.
network
cisco CWE-200
3.5
2022-05-27 CVE-2022-20765 Cross-site Scripting vulnerability in Cisco UCS Director
A vulnerability in the web applications of Cisco UCS Director could allow an authenticated, remote attacker to conduct a cross-site scripting attack on an affected system.
network
cisco CWE-79
3.5
2022-05-27 CVE-2022-20802 Cross-site Scripting vulnerability in Cisco Enterprise Chat and Email
A vulnerability in the web interface of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
cisco CWE-79
3.5
2022-05-26 CVE-2022-20809 Information Exposure Through Log Files vulnerability in Cisco Telepresence Video Communication Server
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device.
network
cisco CWE-532
3.5
2022-05-03 CVE-2022-20627 Cross-site Scripting vulnerability in Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
cisco CWE-79
3.5
2022-05-03 CVE-2022-20628 Cross-site Scripting vulnerability in Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
cisco CWE-79
3.5
2022-05-03 CVE-2022-20629 Cross-site Scripting vulnerability in Cisco Firepower Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
cisco CWE-79
3.5
2022-04-21 CVE-2022-20805 Unspecified vulnerability in Cisco Umbrella Secure web Gateway
A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG) could allow an authenticated, adjacent attacker to bypass the SSL decryption and content filtering policies on an affected system.
low complexity
cisco
2.7
2022-04-15 CVE-2022-20725 Path Traversal vulnerability in Cisco products
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software.
network
cisco CWE-22
3.5