Vulnerabilities > Cisco > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-13 | CVE-2021-1238 | Cross-site Scripting vulnerability in Cisco Firepower Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected system. | 3.5 |
2021-01-13 | CVE-2021-1239 | Cross-site Scripting vulnerability in Cisco Firepower Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected system. | 3.5 |
2020-10-21 | CVE-2020-3352 | Unspecified vulnerability in Cisco Firepower Threat Defense A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access hidden commands. local cisco | 1.9 |
2020-10-21 | CVE-2020-3585 | Information Exposure Through Discrepancy vulnerability in Cisco products A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. | 3.7 |
2020-10-14 | CVE-2020-3483 | Insufficiently Protected Credentials vulnerability in Cisco DUO Network Gateway Duo has identified and fixed an issue with the Duo Network Gateway (DNG) product in which some customer-provided SSL certificates and private keys were not excluded from logging. | 3.3 |
2020-10-08 | CVE-2020-3320 | Cross-site Scripting vulnerability in Cisco Firepower Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 3.5 |
2020-10-08 | CVE-2020-3536 | Cross-site Scripting vulnerability in Cisco Sd-Wan A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 3.5 |
2020-09-24 | CVE-2020-3418 | Unspecified vulnerability in Cisco IOS XE 17.1.1 A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9800 Series Routers could allow an unauthenticated, adjacent attacker to send ICMPv6 traffic prior to the client being placed into RUN state. low complexity cisco | 3.3 |
2020-09-24 | CVE-2020-3476 | Files or Directories Accessible to External Parties vulnerability in Cisco IOS 16.10.1/16.9 A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. | 3.6 |
2020-09-24 | CVE-2020-3477 | Incorrect Authorization vulnerability in Cisco IOS 16.3.11 A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem. | 2.1 |