Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-31 | CVE-2020-3462 | SQL Injection vulnerability in Cisco Data Center Network Manager A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 6.3 |
| 2020-07-31 | CVE-2020-3461 | Missing Authentication for Critical Function vulnerability in Cisco Data Center Network Manager A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. | 5.0 |
| 2020-07-31 | CVE-2020-3460 | Cross-site Scripting vulnerability in Cisco Data Center Network Manager A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 4.3 |
| 2020-07-16 | CVE-2020-3468 | SQL Injection vulnerability in Cisco Sd-Wan Firmware A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 5.5 |
| 2020-07-16 | CVE-2020-3450 | SQL Injection vulnerability in Cisco Vision Dynamic Signage Director A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative credentials to conduct SQL injection attacks on an affected system. | 4.9 |
| 2020-07-16 | CVE-2020-3437 | Link Following vulnerability in Cisco Sd-Wan Firmware A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of the device. | 4.0 |
| 2020-07-16 | CVE-2020-3405 | XXE vulnerability in Cisco Sd-Wan Firmware A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. | 4.9 |
| 2020-07-16 | CVE-2020-3401 | Path Traversal vulnerability in Cisco Sd-Wan Firmware A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. | 6.5 |
| 2020-07-16 | CVE-2020-3385 | Unspecified vulnerability in Cisco Sd-Wan Firmware and Vedge Cloud Router A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. low complexity cisco | 6.1 |
| 2020-07-16 | CVE-2020-3378 | SQL Injection vulnerability in Cisco Sd-Wan Firmware A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. | 4.3 |