|
199371
|
8.8 |
HIGH
Network
|
cisco
|
firepower_extensible_operating_system
|
A vulnerability in the Cisco Firepower Chassis Manager (FCM) of Cisco FXOS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a use…
|
CWE-352
Origin Validation Error
|
CVE-2020-3456
|
2024-11-21 14:31 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199372
|
7.8 |
HIGH
Local
|
cisco
|
firepower_extensible_operating_system
|
A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protectio…
|
NVD-CWE-Other
|
CVE-2020-3455
|
2024-11-21 14:31 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199373
|
8.6 |
HIGH
Network
|
cisco
|
firepower_threat_defense
adaptive_security_appliance
adaptive_security_appliance_software
|
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload ar…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-3436
|
2024-11-21 14:31 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199374
|
6.3 |
MEDIUM
Local
|
cisco
|
duo_network_gateway
|
Duo has identified and fixed an issue with the Duo Network Gateway (DNG) product in which some customer-provided SSL certificates and private keys were not excluded from logging. This issue resulted …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-3483
|
2024-11-21 14:31 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199375
|
7.8 |
HIGH
Local
|
cisco
|
duo_authentication_for_windows_logon_and_rdp
|
The Windows Logon installer prior to 4.1.2 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileg…
|
NVD-CWE-noinfo
|
CVE-2020-3427
|
2024-11-21 14:31 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199376
|
6.7 |
MEDIUM
Local
|
cisco
|
staros
|
A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerabili…
|
CWE-78
OS Command
|
CVE-2020-3602
|
2024-11-21 14:31 |
2020-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199377
|
6.7 |
MEDIUM
Local
|
cisco
|
staros
|
A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerabili…
|
CWE-78
OS Command
|
CVE-2020-3601
|
2024-11-21 14:31 |
2020-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199378
|
6.5 |
MEDIUM
Network
|
cisco
|
vision_dynamic_signage_director
|
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to access confidential information or make configuration…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-3598
|
2024-11-21 14:31 |
2020-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199379
|
5.4 |
MEDIUM
Network
|
cisco
|
nexus_data_broker
|
A vulnerability in the configuration restore feature of Cisco Nexus Data Broker software could allow an unauthenticated, remote attacker to perform a directory traversal attack on an affected device.…
|
CWE-22
Path Traversal
|
CVE-2020-3597
|
2024-11-21 14:31 |
2020-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199380
|
7.5 |
HIGH
Network
|
cisco
|
expressway
telepresence_video_communication_server
|
A vulnerability in the Session Initiation Protocol (SIP) of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a …
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2020-3596
|
2024-11-21 14:31 |
2020-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
