Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-05 | CVE-2013-2682 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco Linksys E4200 Firmware 1.0.05 Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information. | 4.3 |
| 2020-02-05 | CVE-2013-2681 | Improper Authentication vulnerability in Cisco Linksys E4200 Firmware 1.0.05 Cisco Linksys E4200 1.0.05 Build 7 devices contain a Security Bypass Vulnerability which could allow remote attackers to gain unauthorized access. | 4.3 |
| 2020-02-05 | CVE-2013-2680 | Cleartext Storage of Sensitive Information vulnerability in Cisco Linksys E4200 Firmware 1.0.05 Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attackers to obtain sensitive information. | 5.0 |
| 2020-02-05 | CVE-2020-3120 | Integer Overflow or Wraparound vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. | 6.5 |
| 2020-02-04 | CVE-2013-2678 | Injection vulnerability in Cisco Linksys E4200 Firmware 1.0.05 Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submit_type parameter. | 6.8 |
| 2020-01-26 | CVE-2020-3142 | Missing Authentication for Critical Function vulnerability in Cisco Webex Meetings Online A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites could allow an unauthenticated, remote attendee to join a password-protected meeting without providing the meeting password. | 5.0 |
| 2020-01-26 | CVE-2020-3139 | Improper Input Validation vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could allow an unauthenticated, remote attacker to bypass configured deny entries for specific IP ports. | 5.0 |
| 2020-01-26 | CVE-2020-3136 | Cross-site Scripting vulnerability in Cisco Jabber Guest A vulnerability in the web-based management interface of Cisco Jabber Guest could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2020-01-26 | CVE-2020-3134 | Improper Input Validation vulnerability in Cisco Email Security Appliance A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 6.4 |
| 2020-01-26 | CVE-2020-3131 | Resource Exhaustion vulnerability in Cisco Webex Teams 3.0.12427.0/3.0.12808.0/3.0.13131 A vulnerability in the Cisco Webex Teams client for Windows could allow an authenticated, remote attacker to cause the client to crash, resulting in a denial of service (DoS) condition. | 4.0 |