Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-04 | CVE-2020-3498 | Improper Input Validation vulnerability in Cisco Jabber A vulnerability in Cisco Jabber software could allow an authenticated, remote attacker to gain access to sensitive information. | 6.5 |
| 2020-09-04 | CVE-2020-3453 | Improper Input Validation vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. | 6.8 |
| 2020-09-04 | CVE-2020-3451 | Improper Input Validation vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. | 4.7 |
| 2020-09-04 | CVE-2020-3365 | Path Traversal vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform a directory traversal attack on a limited set of restricted directories. | 6.5 |
| 2020-08-26 | CVE-2020-3523 | Cross-site Scripting vulnerability in Cisco Data Center Network Manager A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 5.4 |
| 2020-08-26 | CVE-2020-3522 | Incorrect Authorization vulnerability in Cisco Data Center Network Manager A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to bypass authorization on an affected device and access sensitive information that is related to the device. | 6.3 |
| 2020-08-26 | CVE-2020-3521 | Improper Input Validation vulnerability in Cisco Data Center Network Manager A vulnerability in a specific REST API of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. | 6.5 |
| 2020-08-26 | CVE-2020-3520 | Information Exposure vulnerability in Cisco Data Center Network Manager A vulnerability in Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, local attacker to obtain confidential information from an affected device. | 5.5 |
| 2020-08-26 | CVE-2020-3518 | Cross-site Scripting vulnerability in Cisco Data Center Network Manager A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of the affected software. | 5.4 |
| 2020-08-26 | CVE-2020-3505 | Memory Leak vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol of Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device. | 6.5 |