Vendor CVEs
Cisco Systems, Inc.
All CVEs
7,230 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-3178 | Med | 0.40 | 6.1 | 0.01 | May 6, 2020 | Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of… | ||
| CVE-2020-3192 | Med | 0.40 | 6.1 | 0.01 | Mar 4, 2020 | A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to… | ||
| CVE-2020-3159 | Med | 0.40 | 6.1 | 0.01 | Feb 19, 2020 | A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to… | ||
| CVE-2020-3156 | Med | 0.40 | 6.1 | 0.01 | Feb 19, 2020 | A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated remote attacker to conduct cross-site scripting attacks. The vulnerability is due to the improper validation of endpoint data stored in logs used by the web-based interface.… | ||
| CVE-2020-3136 | Med | 0.40 | 6.1 | 0.01 | Jan 26, 2020 | A vulnerability in the web-based management interface of Cisco Jabber Guest could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability exists because… | ||
| CVE-2020-3121 | Med | 0.40 | 6.1 | 0.01 | Jan 26, 2020 | A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient… | ||
| CVE-2019-16024 | Med | 0.40 | 6.1 | 0.01 | Jan 26, 2020 | A vulnerability in the web-based management interface of Cisco Crosswork Change Automation could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability… | ||
| CVE-2019-16015 | Med | 0.40 | 6.1 | 0.01 | Jan 26, 2020 | A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface of an affected system. The… | ||
| CVE-2019-15278 | Med | 0.40 | 6.1 | 0.01 | Jan 26, 2020 | A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it… | ||
| CVE-2019-15994 | Med | 0.40 | 6.1 | 0.01 | Nov 26, 2019 | A vulnerability in the web-based management interface of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is… | ||
| CVE-2019-15973 | Med | 0.40 | 6.1 | 0.01 | Nov 26, 2019 | A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected application. The vulnerability is due to… | ||
| CVE-2019-12718 | Med | 0.40 | 6.1 | 0.01 | Oct 16, 2019 | A vulnerability in the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient… | ||
| CVE-2019-12705 | Med | 0.40 | 6.1 | 0.01 | Oct 16, 2019 | A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management… | ||
| CVE-2019-15259 | Med | 0.40 | 6.1 | 0.01 | Oct 2, 2019 | A vulnerability in Cisco Unified Contact Center Express (UCCX) Software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of… | ||
| CVE-2019-12716 | Med | 0.40 | 6.1 | 0.01 | Oct 2, 2019 | A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the… | ||
| CVE-2019-12715 | Med | 0.40 | 6.1 | 0.01 | Oct 2, 2019 | A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the… | ||
| CVE-2019-12713 | Med | 0.40 | 6.1 | 0.01 | Oct 2, 2019 | A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is… | ||
| CVE-2019-12712 | Med | 0.40 | 6.1 | 0.01 | Oct 2, 2019 | A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is… | ||
| CVE-2019-12707 | Med | 0.40 | 6.1 | 0.01 | Oct 2, 2019 | A vulnerability in the web-based interface of multiple Cisco Unified Communications products could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. The vulnerability is… | ||
| CVE-2019-12695 | Med | 0.40 | 6.1 | 0.01 | Oct 2, 2019 | A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based… | ||
| CVE-2019-12631 | Med | 0.40 | 6.1 | 0.01 | Oct 2, 2019 | A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient… | ||
| CVE-2019-1975 | Med | 0.40 | 6.1 | 0.01 | Sep 18, 2019 | A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device. This vulnerability is due to insufficient HTML iframe protection. An attacker could… | ||
| CVE-2019-12644 | Med | 0.40 | 6.1 | 0.01 | Sep 5, 2019 | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2019-1954 | Med | 0.40 | 6.1 | 0.01 | Aug 8, 2019 | A vulnerability in the web-based management interface of Cisco Webex Meetings Server Software could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP… | ||
| CVE-2019-1941 | Med | 0.40 | 6.1 | 0.01 | Jul 17, 2019 | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2019-1931 | Med | 0.40 | 6.1 | 0.01 | Jul 6, 2019 | Multiple vulnerabilities in the RSS dashboard in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of… | ||
| CVE-2019-1930 | Med | 0.40 | 6.1 | 0.01 | Jul 6, 2019 | Multiple vulnerabilities in the RSS dashboard in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of… | ||
| CVE-2019-1870 | Med | 0.40 | 6.1 | 0.01 | Jun 5, 2019 | A vulnerability in the web-based management interface of Cisco Enterprise Chat and Email (ECE) Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2015-2230 | Med | 0.40 | 6.1 | 0.01 | May 30, 2019 | Synacor Zimbra Collaboration Server 8.x before 8.7.0 has Reflected XSS in admin console. | ||
| CVE-2019-1857 | Med | 0.40 | 6.1 | 0.01 | May 3, 2019 | A vulnerability in the web-based management interface of Cisco HyperFlex HX-Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The vulnerability is due to insufficient… | ||
| CVE-2019-1856 | Med | 0.40 | 6.1 | 0.01 | May 3, 2019 | A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance (PCA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2019-1852 | Med | 0.40 | 6.1 | 0.01 | May 3, 2019 | A vulnerability in the web-based management interface of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient validation of… | ||
| CVE-2019-1792 | Med | 0.40 | 6.1 | 0.01 | Apr 18, 2019 | A vulnerability in the URL block page of Cisco Umbrella could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user in a network protected by Umbrella. The vulnerability is due to insufficient validation of input parameters… | ||
| CVE-2019-1719 | Med | 0.40 | 6.1 | 0.01 | Apr 18, 2019 | A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient… | ||
| CVE-2019-1827 | Med | 0.40 | 6.1 | 0.01 | Apr 4, 2019 | A vulnerability in the Online Help web service of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the service. The vulnerability exists… | ||
| CVE-2019-1702 | Med | 0.40 | 6.1 | 0.01 | Mar 11, 2019 | Multiple vulnerabilities in the web-based management interface of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The… | ||
| CVE-2019-1700 | Med | 0.40 | 6.1 | 0.01 | Feb 21, 2019 | A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, adjacent attacker to cause a denial of… | ||
| CVE-2019-1685 | Med | 0.40 | 6.1 | 0.01 | Feb 21, 2019 | A vulnerability in the Security Assertion Markup Language (SAML) single sign-on (SSO) interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. The… | ||
| CVE-2019-1671 | Med | 0.40 | 6.1 | 0.01 | Feb 7, 2019 | A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The… | ||
| CVE-2019-1670 | Med | 0.40 | 6.1 | 0.01 | Feb 7, 2019 | A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due… | ||
| CVE-2019-1661 | Med | 0.40 | 6.1 | 0.01 | Feb 7, 2019 | A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.… | ||
| CVE-2019-1668 | Med | 0.40 | 6.1 | 0.01 | Jan 24, 2019 | A vulnerability in the chat feed feature of Cisco SocialMiner could allow an unauthenticated, remote attacker to perform cross-site scripting (XSS) attacks against a user of the web-based user interface of an affected system. This vulnerability is due to insufficient… | ||
| CVE-2019-1655 | Med | 0.40 | 6.1 | 0.01 | Jan 24, 2019 | A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. The vulnerability is due to… | ||
| CVE-2019-1643 | Med | 0.40 | 6.1 | 0.01 | Jan 23, 2019 | A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is… | ||
| CVE-2018-15455 | Med | 0.40 | 6.1 | 0.01 | Jan 23, 2019 | A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to the improper validation of requests stored in the system's logging database. An… | ||
| CVE-2018-15463 | Med | 0.40 | 6.1 | 0.01 | Jan 15, 2019 | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to… | ||
| CVE-2018-15440 | Med | 0.40 | 6.1 | 0.01 | Jan 15, 2019 | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due… | ||
| CVE-2018-15467 | Med | 0.40 | 6.1 | 0.01 | Jan 11, 2019 | A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2018-15461 | Med | 0.40 | 6.1 | 0.01 | Jan 10, 2019 | A vulnerability in the MyWebex component of Cisco Webex Business Suite could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this… | ||
| CVE-2018-15457 | Med | 0.40 | 6.1 | 0.01 | Jan 10, 2019 | A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due… |
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated remote attacker to conduct cross-site scripting attacks. The vulnerability is due to the improper validation of endpoint data stored in logs used by the web-based interface.…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Jabber Guest could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability exists because…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Crosswork Change Automation could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface of an affected system. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected application. The vulnerability is due to…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in Cisco Unified Contact Center Express (UCCX) Software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based interface of multiple Cisco Unified Communications products could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. The vulnerability is…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device. This vulnerability is due to insufficient HTML iframe protection. An attacker could…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Webex Meetings Server Software could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in the RSS dashboard in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in the RSS dashboard in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Enterprise Chat and Email (ECE) Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
Synacor Zimbra Collaboration Server 8.x before 8.7.0 has Reflected XSS in admin console.
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco HyperFlex HX-Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The vulnerability is due to insufficient…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance (PCA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient validation of…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the URL block page of Cisco Umbrella could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user in a network protected by Umbrella. The vulnerability is due to insufficient validation of input parameters…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the Online Help web service of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the service. The vulnerability exists…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in the web-based management interface of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, adjacent attacker to cause a denial of…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the Security Assertion Markup Language (SAML) single sign-on (SSO) interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the chat feed feature of Cisco SocialMiner could allow an unauthenticated, remote attacker to perform cross-site scripting (XSS) attacks against a user of the web-based user interface of an affected system. This vulnerability is due to insufficient…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. The vulnerability is due to…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to the improper validation of requests stored in the system's logging database. An…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the MyWebex component of Cisco Webex Business Suite could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due…
Page 60 of 145