Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-22 | CVE-2022-20907 | Improper Privilege Management vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
| 2022-07-22 | CVE-2022-20908 | Improper Input Validation vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
| 2022-07-22 | CVE-2022-20909 | Improper Input Validation vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
| 2022-07-22 | CVE-2022-20913 | Improper Input Validation vulnerability in Cisco Nexus Dashboard A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. | 6.5 |
| 2022-07-22 | CVE-2022-20916 | Cross-site Scripting vulnerability in Cisco IOT Control Center A vulnerability in the web-based management interface of Cisco IoT Control Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2022-07-06 | CVE-2022-20752 | Information Exposure Through Discrepancy vulnerability in Cisco Unified Communications Manager and Unity Connection A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauthenticated, remote attacker to perform a timing attack. | 5.3 |
| 2022-07-06 | CVE-2022-20768 | Information Exposure Through Log Files vulnerability in Cisco Telepresence Collaboration Endpoint A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. | 4.9 |
| 2022-07-06 | CVE-2022-20791 | Path Traversal vulnerability in Cisco Unified Communications Manager A vulnerability in the database user privileges of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. | 6.5 |
| 2022-07-06 | CVE-2022-20800 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2022-07-06 | CVE-2022-20808 | Resource Exhaustion vulnerability in Cisco Smart Software Manager On-Prem 8202004/8202108 A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |