|
202171
|
8.6 |
HIGH
Network
|
cisco
|
ios_xe
|
A vulnerability in the RESTCONF and NETCONF-YANG access control list (ACL) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnera…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-3407
|
2024-11-21 14:30 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202172
|
7.8 |
HIGH
Local
|
cisco
|
ios_xe
|
A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands o…
|
CWE-863
Incorrect Authorization
|
CVE-2020-3404
|
2024-11-21 14:30 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202173
|
7.8 |
HIGH
Local
|
cisco
|
ios_xe
|
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to inject a command to the underlying operating system that will execute with root privileges upon the…
|
CWE-78
OS Command
|
CVE-2020-3403
|
2024-11-21 14:30 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202174
|
8.8 |
HIGH
Network
|
cisco
|
ios_xe
|
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to utilize parts of the web UI for which they are not authorized.The vulnerability is due …
|
CWE-862
Missing Authorization
|
CVE-2020-3400
|
2024-11-21 14:30 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202175
|
8.6 |
HIGH
Network
|
cisco
|
ios_xe
|
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unau…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-3399
|
2024-11-21 14:30 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202176
|
7.2 |
HIGH
Physics
|
cisco
|
ios_xe
|
A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive (SSD) for Cisco IOS XE Software could allow an authenticated, physical attacker to remove the USB 3.0 SSD and modify sens…
|
CWE-269
Improper Privilege Management
|
CVE-2020-3396
|
2024-11-21 14:30 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202177
|
7.8 |
HIGH
Local
|
cisco
|
ios_xe
|
A vulnerability in the application-hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. The attacker could exec…
|
CWE-20
Improper Input Validation
|
CVE-2020-3393
|
2024-11-21 14:30 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202178
|
7.4 |
HIGH
Adjacent
|
cisco
|
ios_xe
|
A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an un…
|
CWE-20
Improper Input Validation
|
CVE-2020-3390
|
2024-11-21 14:30 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202179
|
7.2 |
HIGH
Network
|
cisco
|
ex60_firmware
ex90_firmware
sx10_firmware
sx20_firmware
sx80_firmware
telepresence_codec_c40_firmware
telepresence_codec_c60_firmware
telepresence_codec_c90_firmware
teleprese…
|
A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authentic…
|
CWE-22
Path Traversal
|
CVE-2020-3143
|
2024-11-21 14:30 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202180
|
6.1 |
MEDIUM
Network
|
cisco
|
email_security_appliance
|
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a …
|
CWE-79
Cross-site Scripting
|
CVE-2020-3137
|
2024-11-21 14:30 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
