Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-26 | CVE-2020-3490 | Path Traversal vulnerability in Cisco Vision Dynamic Signage Director 6.2.0 A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct directory traversal attacks and obtain read access to sensitive files on an affected system. | 4.9 |
| 2020-08-26 | CVE-2020-3485 | Incorrect Default Permissions vulnerability in Cisco Vision Dynamic Signage Director 6.2.0 A vulnerability in the role-based access control (RBAC) functionality of the web management software of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to perform. | 6.3 |
| 2020-08-26 | CVE-2020-3484 | Incorrect Default Permissions vulnerability in Cisco Vision Dynamic Signage Director 6.2(0) A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device. | 5.3 |
| 2020-08-26 | CVE-2020-3466 | Cross-site Scripting vulnerability in Cisco DNA Center Multiple vulnerabilities in the web-based management interface of Cisco DNA Center software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 4.3 |
| 2020-08-26 | CVE-2020-3440 | Path Traversal vulnerability in Cisco Webex Meetings A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. | 4.3 |
| 2020-08-17 | CVE-2020-3502 | Improper Input Validation vulnerability in Cisco Webex Meetings and Webex Meetings Server Multiple vulnerabilities in the user interface of Cisco Webex Meetings Desktop App could allow an authenticated, remote attacker to obtain restricted information from other Webex users. | 4.1 |
| 2020-08-17 | CVE-2020-3501 | Improper Input Validation vulnerability in Cisco Webex Meetings and Webex Meetings Server Multiple vulnerabilities in the user interface of Cisco Webex Meetings Desktop App could allow an authenticated, remote attacker to obtain restricted information from other Webex users. | 4.1 |
| 2020-08-17 | CVE-2020-3472 | Incorrect Authorization vulnerability in Cisco Webex Meetings Online A vulnerability in the contacts feature of Cisco Webex Meetings could allow an authenticated, remote attacker with a legitimate user account to access sensitive information. | 5.0 |
| 2020-08-17 | CVE-2020-3464 | Cross-site Scripting vulnerability in Cisco UCS Director A vulnerability in the web-based management interface of Cisco UCS Director could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. | 4.8 |
| 2020-08-17 | CVE-2020-3463 | Cross-site Scripting vulnerability in Cisco Webex Meetings Online A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. | 6.1 |