Vulnerabilities > Cisco > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-01 | CVE-2023-20255 | Unspecified vulnerability in Cisco Meeting Server A vulnerability in an API of the Web Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 5.3 |
2023-11-01 | CVE-2023-20264 | Unspecified vulnerability in Cisco products A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a remote access VPN session. | 6.1 |
2023-11-01 | CVE-2023-20267 | Unspecified vulnerability in Cisco Firepower Threat Defense A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. | 5.3 |
2023-11-01 | CVE-2023-20005 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
2023-11-01 | CVE-2023-20041 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
2023-11-01 | CVE-2023-20074 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
2023-11-01 | CVE-2023-20114 | Improper Input Validation vulnerability in Cisco Secure Firewall Management Center A vulnerability in the file download feature of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to download arbitrary files from an affected system. | 6.5 |
2023-11-01 | CVE-2023-20155 | Resource Exhaustion vulnerability in Cisco Secure Firewall Management Center A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload. | 6.5 |
2023-11-01 | CVE-2023-20177 | Unspecified vulnerability in Cisco Firepower Threat Defense A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. | 4.0 |
2023-11-01 | CVE-2023-20206 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |