Vulnerabilities > Cisco > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-23 | CVE-2020-3117 | Unspecified vulnerability in Cisco products A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. network cisco | 4.3 |
2020-09-23 | CVE-2020-3116 | Improper Input Validation vulnerability in Cisco Webex Meetings Online and Webex Meetings Server A vulnerability in the way Cisco Webex applications process Universal Communications Format (UCF) files could allow an attacker to cause a denial of service (DoS) condition. | 4.3 |
2020-09-23 | CVE-2019-1736 | Improper Verification of Cryptographic Signature vulnerability in Cisco products A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device. | 6.9 |
2020-09-04 | CVE-2020-3547 | Insufficiently Protected Credentials vulnerability in Cisco Asyncos A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. | 6.5 |
2020-09-04 | CVE-2020-3546 | Improper Input Validation vulnerability in Cisco Asyncos A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. | 5.0 |
2020-09-04 | CVE-2020-3545 | Out-of-bounds Write vulnerability in Cisco Firepower Extensible Operating System A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition. | 6.7 |
2020-09-04 | CVE-2020-3542 | Improper Input Validation vulnerability in Cisco Webex Training A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. | 5.3 |
2020-09-04 | CVE-2020-3541 | Information Exposure Through Log Files vulnerability in Cisco Webex Meetings and Webex Teams A vulnerability in the media engine component of Cisco Webex Meetings Client for Windows, Cisco Webex Meetings Desktop App for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to gain access to sensitive information. | 4.4 |
2020-09-04 | CVE-2020-3537 | Information Exposure vulnerability in Cisco Jabber A vulnerability in Cisco Jabber for Windows software could allow an authenticated, remote attacker to gain access to sensitive information. | 5.7 |
2020-09-04 | CVE-2020-3498 | Improper Input Validation vulnerability in Cisco Jabber A vulnerability in Cisco Jabber software could allow an authenticated, remote attacker to gain access to sensitive information. | 6.5 |