Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-18 | CVE-2020-3482 | Improper Privilege Management vulnerability in Cisco products A vulnerability in the Traversal Using Relays around NAT (TURN) server component of Cisco Expressway software could allow an unauthenticated, remote attacker to bypass security controls and send network traffic to restricted destinations. | 6.5 |
| 2020-11-18 | CVE-2020-3471 | Improper Synchronization vulnerability in Cisco Webex Meetings Server A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to maintain bidirectional audio despite being expelled from an active Webex session. | 6.5 |
| 2020-11-18 | CVE-2020-3441 | Unspecified vulnerability in Cisco Webex Meetings Server A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to view sensitive information from the meeting room lobby. | 5.3 |
| 2020-11-18 | CVE-2020-27126 | Cross-site Scripting vulnerability in Cisco Webex Meetings 40.10.2 A vulnerability in an API of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. | 6.1 |
| 2020-11-18 | CVE-2020-26081 | Injection vulnerability in Cisco IOT Field Network Director Multiple vulnerabilities in the web UI of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users on an affected system. | 6.1 |
| 2020-11-18 | CVE-2020-26080 | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the user management functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to manage user information for users in different domains on an affected system. | 4.1 |
| 2020-11-18 | CVE-2020-26079 | Insufficiently Protected Credentials vulnerability in Cisco IOT Field Network Director A vulnerability in the web UI of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to obtain hashes of user passwords on an affected device. | 4.9 |
| 2020-11-18 | CVE-2020-26078 | Path Traversal vulnerability in Cisco IOT Field Network Director A vulnerability in the file system of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to overwrite files on an affected system. | 6.5 |
| 2020-11-18 | CVE-2020-26077 | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the access control functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to view lists of users from different domains that are configured on an affected system. | 4.3 |
| 2020-11-18 | CVE-2020-26068 | Authorization Bypass Through User-Controlled Key vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. | 6.5 |