Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-3260 | Resource Exhaustion vulnerability in Cisco products A vulnerability in Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
| 2020-04-15 | CVE-2020-3252 | Path Traversal vulnerability in Cisco UCS Director and UCS Director Express for BIG Data Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. | 6.5 |
| 2020-03-19 | CVE-2019-16010 | Cross-site Scripting vulnerability in Cisco Sd-Wan Firmware A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. | 4.8 |
| 2020-03-04 | CVE-2020-3193 | Information Exposure vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to obtain sensitive information about an affected device. | 5.3 |
| 2020-03-04 | CVE-2020-3192 | Cross-site Scripting vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 6.1 |
| 2020-03-04 | CVE-2020-3190 | Resource Exhaustion vulnerability in Cisco IOS XR A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition for IPsec sessions to an affected device. | 5.8 |
| 2020-03-04 | CVE-2020-3185 | Cross-site Scripting vulnerability in Cisco Telepresence Management Suite A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 5.4 |
| 2020-03-04 | CVE-2020-3182 | Information Exposure vulnerability in Cisco Webex Meetings 40.1.8.5 A vulnerability in the multicast DNS (mDNS) protocol configuration of Cisco Webex Meetings Client for MacOS could allow an unauthenticated adjacent attacker to obtain sensitive information about the device on which the Webex client is running. | 4.3 |
| 2020-03-04 | CVE-2020-3181 | Resource Exhaustion vulnerability in Cisco Email Security Appliance A vulnerability in the malware detection functionality in Cisco Advanced Malware Protection (AMP) in Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated remote attacker to exhaust resources on an affected device. | 6.5 |
| 2020-03-04 | CVE-2020-3176 | OS Command Injection vulnerability in Cisco products A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. | 6.7 |