Vulnerabilities > Cisco > Low

DATE CVE VULNERABILITY TITLE RISK
2023-05-18 CVE-2023-20106 Unspecified vulnerability in Cisco Identity Services Engine 3.1/3.2
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system.
network
low complexity
cisco
3.8
2021-10-21 CVE-2021-34760 Cross-site Scripting vulnerability in Cisco Telepresence Management Suite
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
cisco CWE-79
3.5
2021-10-06 CVE-2021-34758 Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint
A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory segment, resulting in a denial of service (DoS) condition.
local
low complexity
cisco CWE-732
3.3
2021-05-22 CVE-2021-1306 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Cisco Identity Services Engine
A vulnerability in the restricted shell of Cisco Evolved Programmable Network (EPN) Manager, Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to identify directories and write arbitrary files to the file system.
local
low complexity
cisco CWE-610
3.4
2021-05-11 CVE-2020-26141 Improper Validation of Integrity Check Value vulnerability in multiple products
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H.
low complexity
alfa cisco siemens CWE-354
3.3
2021-05-11 CVE-2020-26140 An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H.
low complexity
alfa siemens arista cisco intel
3.3
2021-05-11 CVE-2020-24588 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated.
3.5
2021-05-11 CVE-2020-24587 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key.
1.8
2021-02-04 CVE-2021-1354 Improper Certificate Validation vulnerability in Cisco Unified Computing System Central Software
A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS) Central Software could allow an authenticated, adjacent attacker to register a rogue Cisco Unified Computing System Manager (UCSM).
low complexity
cisco CWE-295
3.5
2021-01-13 CVE-2021-1126 Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Firepower Management Center
A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center (FMC) could allow an authenticated, local attacker to view credentials for a configured proxy server.
local
low complexity
cisco CWE-732
2.1