Vulnerabilities > Cisco > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-11-01 CVE-2023-20255 Unspecified vulnerability in Cisco Meeting Server
A vulnerability in an API of the Web Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
network
low complexity
cisco
5.3
2023-11-01 CVE-2023-20264 Unspecified vulnerability in Cisco products
A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a remote access VPN session.
network
low complexity
cisco
6.1
2023-11-01 CVE-2023-20267 Unspecified vulnerability in Cisco Firepower Threat Defense
A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions.
network
low complexity
cisco
5.3
2023-11-01 CVE-2023-20005 Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device.
network
low complexity
cisco CWE-79
6.1
2023-11-01 CVE-2023-20041 Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device.
network
low complexity
cisco CWE-79
6.1
2023-11-01 CVE-2023-20074 Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device.
network
low complexity
cisco CWE-79
6.1
2023-11-01 CVE-2023-20114 Improper Input Validation vulnerability in Cisco Secure Firewall Management Center
A vulnerability in the file download feature of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to download arbitrary files from an affected system.
network
low complexity
cisco CWE-20
6.5
2023-11-01 CVE-2023-20155 Resource Exhaustion vulnerability in Cisco Secure Firewall Management Center
A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload.
network
low complexity
cisco CWE-400
6.5
2023-11-01 CVE-2023-20177 Unspecified vulnerability in Cisco Firepower Threat Defense
A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart.
network
high complexity
cisco
4.0
2023-11-01 CVE-2023-20206 Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device.
network
low complexity
cisco CWE-79
6.1