Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-04 | CVE-2020-3453 | Improper Input Validation vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. | 6.8 |
| 2020-09-04 | CVE-2020-3451 | Improper Input Validation vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. | 4.7 |
| 2020-09-04 | CVE-2020-3365 | Path Traversal vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform a directory traversal attack on a limited set of restricted directories. | 6.5 |
| 2020-08-27 | CVE-2020-3398 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MVPN) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a BGP session to repeatedly reset, causing a partial denial of service (DoS) condition due to the BGP session being down. | 4.3 |
| 2020-08-27 | CVE-2020-3338 | Improper Handling of Exceptional Conditions vulnerability in Cisco Nx-Os A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 5.0 |
| 2020-08-26 | CVE-2020-3523 | Cross-site Scripting vulnerability in Cisco Data Center Network Manager A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 5.4 |
| 2020-08-26 | CVE-2020-3522 | Incorrect Authorization vulnerability in Cisco Data Center Network Manager A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to bypass authorization on an affected device and access sensitive information that is related to the device. | 6.3 |
| 2020-08-26 | CVE-2020-3521 | Improper Input Validation vulnerability in Cisco Data Center Network Manager A vulnerability in a specific REST API of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. | 6.5 |
| 2020-08-26 | CVE-2020-3520 | Information Exposure vulnerability in Cisco Data Center Network Manager A vulnerability in Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, local attacker to obtain confidential information from an affected device. | 5.5 |
| 2020-08-26 | CVE-2020-3519 | Improper Input Validation vulnerability in Cisco Data Center Network Manager A vulnerability in a specific REST API method of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. | 5.5 |