VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,231 total · sorted by risk
  • CVE-2022-20645MedJan 14, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of…

  • CVE-2022-20644MedJan 14, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of…

  • CVE-2022-20643MedJan 14, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of…

  • CVE-2022-20642MedJan 14, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of…

  • CVE-2022-20641MedJan 14, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of…

  • CVE-2022-20640MedJan 14, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of…

  • CVE-2022-20639MedJan 14, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of…

  • CVE-2022-20638MedJan 14, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of…

  • CVE-2022-20637MedJan 14, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of…

  • CVE-2022-20636MedJan 14, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of…

  • CVE-2022-20635MedJan 14, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of…

  • CVE-2021-40115MedNov 4, 2021
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management…

  • CVE-2021-40121MedOct 21, 2021
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the…

  • CVE-2021-34738MedOct 21, 2021
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the…

  • CVE-2021-34742MedOct 6, 2021
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to…

  • CVE-2021-34732MedSep 2, 2021
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of…

  • CVE-2021-1575MedJul 8, 2021
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management…

  • CVE-2021-1537MedJun 4, 2021
    risk 0.40cvss 6.2epss 0.00

    A vulnerability in the installer software of Cisco ThousandEyes Recorder could allow an unauthenticated, local attacker to access sensitive information that is contained in the ThousandEyes Recorder installer software. This vulnerability exists because sensitive information is…

  • CVE-2020-13529MedMay 10, 2021
    risk 0.40cvss 6.1epss 0.01

    An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to…

  • CVE-2021-1463MedApr 8, 2021
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based…

  • CVE-2021-1409MedApr 8, 2021
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unified Communications Manager Session Management Edition (Unified CM…

  • CVE-2021-1408MedApr 8, 2021
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unified Communications Manager Session Management Edition (Unified CM…

  • CVE-2021-1407MedApr 8, 2021
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unified Communications Manager Session Management Edition (Unified CM…

  • CVE-2021-1380MedApr 8, 2021
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unified Communications Manager Session Management Edition (Unified CM…

  • CVE-2021-1381MedMar 24, 2021
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with high privileges or an unauthenticated attacker with physical access to the device to open a debugging console. The vulnerability is due to insufficient command authorization restrictions.…

  • CVE-2021-1351MedFeb 17, 2021
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient…

  • CVE-2020-27126MedNov 18, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in an API of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of user-supplied input to an application programmatic interface (API) within Cisco Webex…

  • CVE-2020-26081MedNov 18, 2020
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web UI of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users on an affected system. The vulnerabilities are due to insufficient validation of…

  • CVE-2020-3579MedNov 6, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management…

  • CVE-2020-3551MedNov 6, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because…

  • CVE-2020-3599MedOct 21, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the…

  • CVE-2020-3583MedOct 21, 2020
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web…

  • CVE-2020-3582MedOct 21, 2020
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web…

  • CVE-2020-3581MedOct 21, 2020
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web…

  • CVE-2020-3553MedOct 21, 2020
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to…

  • CVE-2020-3515MedOct 21, 2020
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to…

  • CVE-2020-3479MedSep 24, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service…

  • CVE-2020-3137MedSep 23, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2019-15974MedSep 23, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web interface of Cisco Managed Services Accelerator (MSX) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker…

  • CVE-2019-15969MedSep 23, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface of an affected device. The vulnerability is due to…

  • CVE-2020-3466MedAug 26, 2020
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco DNA Center software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerabilities exist because the…

  • CVE-2020-3463MedAug 17, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. The vulnerability is due to…

  • CVE-2020-3346MedAug 17, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web UI of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user…

  • CVE-2020-3460MedJul 31, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based…

  • CVE-2020-3282MedJul 2, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an…

  • CVE-2020-3356MedJun 18, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient input…

  • CVE-2020-3337MedJun 18, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affected device. An…

  • CVE-2020-3314MedMay 22, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP Connector and a denial of service (DoS) condition of the Cisco AMP for Endpoints…

  • CVE-2020-3313MedMay 6, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the FMC Software. The vulnerability is due to…

  • CVE-2020-3311MedMay 6, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of HTTP request parameters. An attacker…

Page 59 of 145