Vision Dynamic Signage Director
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-1917 | 0.01 | — | 0.05 | Jul 17, 2019 | A vulnerability in the REST API interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this… | |||
| CVE-2021-34742 | 0.00 | — | 0.01 | Oct 6, 2021 | A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to… | |||
| CVE-2020-3598 | 0.00 | — | 0.01 | Oct 8, 2020 | A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to access confidential information or make configuration changes. The vulnerability is due to missing authentication for a specific… | |||
| CVE-2019-16004 | 0.00 | — | 0.01 | Sep 23, 2020 | A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could… | |||
| CVE-2020-3484 | 0.00 | — | 0.01 | Aug 26, 2020 | A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device. The vulnerability is due to incorrect permissions within Apache… | |||
| CVE-2020-3490 | 0.00 | — | 0.03 | Aug 26, 2020 | A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct directory traversal attacks and obtain read access to sensitive files on an affected system. The… | |||
| CVE-2020-3485 | 0.00 | — | 0.01 | Aug 26, 2020 | A vulnerability in the role-based access control (RBAC) functionality of the web management software of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they… | |||
| CVE-2020-3491 | 0.00 | — | 0.01 | Aug 26, 2020 | A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device. The… | |||
| CVE-2020-3450 | 0.00 | — | 0.01 | Jul 16, 2020 | A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative credentials to conduct SQL injection attacks on an affected system. The vulnerability is due to improper validation of… |
- CVE-2019-1917Jul 17, 2019risk 0.01cvss —epss 0.05
A vulnerability in the REST API interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this…
- CVE-2021-34742Oct 6, 2021risk 0.00cvss —epss 0.01
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to…
- CVE-2020-3598Oct 8, 2020risk 0.00cvss —epss 0.01
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to access confidential information or make configuration changes. The vulnerability is due to missing authentication for a specific…
- CVE-2019-16004Sep 23, 2020risk 0.00cvss —epss 0.01
A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could…
- CVE-2020-3484Aug 26, 2020risk 0.00cvss —epss 0.01
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device. The vulnerability is due to incorrect permissions within Apache…
- CVE-2020-3490Aug 26, 2020risk 0.00cvss —epss 0.03
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct directory traversal attacks and obtain read access to sensitive files on an affected system. The…
- CVE-2020-3485Aug 26, 2020risk 0.00cvss —epss 0.01
A vulnerability in the role-based access control (RBAC) functionality of the web management software of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they…
- CVE-2020-3491Aug 26, 2020risk 0.00cvss —epss 0.01
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device. The…
- CVE-2020-3450Jul 16, 2020risk 0.00cvss —epss 0.01
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative credentials to conduct SQL injection attacks on an affected system. The vulnerability is due to improper validation of…