Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-24 | CVE-2020-3390 | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) condition on an affected device. | 5.7 |
| 2020-09-23 | CVE-2019-16023 | Unspecified vulnerability in Cisco IOS XR Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 5.0 |
| 2020-09-23 | CVE-2019-15963 | Unspecified vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive information in the web-based management interface of the affected software. | 4.0 |
| 2020-09-23 | CVE-2019-15974 | Improper Input Validation vulnerability in Cisco Managed Services Accelerator A vulnerability in the web interface of Cisco Managed Services Accelerator (MSX) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. | 5.8 |
| 2020-09-23 | CVE-2019-16021 | Unspecified vulnerability in Cisco IOS XR Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 5.0 |
| 2020-09-23 | CVE-2020-3137 | Cross-site Scripting vulnerability in Cisco Email Security Appliance A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2020-09-23 | CVE-2020-3135 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based management interface of Cisco Unified Communications Manager (UCM) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected device. | 6.8 |
| 2020-09-23 | CVE-2020-3133 | Improper Input Validation vulnerability in Cisco Email Security Appliance A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. | 5.0 |
| 2020-09-23 | CVE-2020-3130 | Improper Input Validation vulnerability in Cisco Unity Connection A vulnerability in the web management interface of Cisco Unity Connection could allow an authenticated remote attacker to overwrite files on the underlying filesystem. | 5.5 |
| 2020-09-23 | CVE-2020-3124 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Hosted Collaboration Mediation Fulfillment A vulnerability in the web-based interface of Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 4.3 |