Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-30 | CVE-2022-20945 | Improper Input Validation vulnerability in Cisco products A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
| 2022-09-27 | CVE-2021-27853 | Authentication Bypass by Spoofing vulnerability in multiple products Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers. | 4.7 |
| 2022-09-08 | CVE-2022-20863 | Unspecified vulnerability in Cisco Webex Teams A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. | 5.3 |
| 2022-08-25 | CVE-2022-20865 | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. | 6.7 |
| 2022-08-10 | CVE-2022-20713 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. | 6.1 |
| 2022-08-10 | CVE-2022-20820 | Cross-site Scripting vulnerability in Cisco Webex Meetings Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. | 5.4 |
| 2022-08-10 | CVE-2022-20852 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco Webex Meetings Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. | 6.5 |
| 2022-08-10 | CVE-2022-20869 | Cross-site Scripting vulnerability in Cisco Broadworks A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. | 6.1 |
| 2022-08-10 | CVE-2022-20914 | Insufficiently Protected Credentials vulnerability in Cisco Identity Services Engine A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to obtain sensitive information. | 4.9 |
| 2022-07-22 | CVE-2022-20906 | Improper Privilege Management vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |