Vendor CVEs
Cisco Systems, Inc.
All CVEs
7,177 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-0242 | Med | 0.40 | 6.1 | 0.02 | Apr 19, 2018 | A vulnerability in the WebVPN web-based management interface of Cisco Adaptive Security Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2018-0190 | Med | 0.40 | 6.1 | 0.01 | Mar 28, 2018 | Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. The vulnerabilities are due to… | ||
| CVE-2018-0188 | Med | 0.40 | 6.1 | 0.01 | Mar 28, 2018 | Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. The vulnerabilities are due to… | ||
| CVE-2018-0186 | Med | 0.40 | 6.1 | 0.01 | Mar 28, 2018 | Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. The vulnerabilities are due to… | ||
| CVE-2018-0223 | Med | 0.40 | 6.1 | 0.02 | Mar 8, 2018 | A vulnerability in DesktopServlet in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to… | ||
| CVE-2018-0219 | Med | 0.40 | 6.1 | 0.02 | Mar 8, 2018 | A vulnerability in the web-based management interface of Cisco Unified Computing System (UCS) Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2018-0212 | Med | 0.40 | 6.1 | 0.02 | Mar 8, 2018 | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2018-0144 | Med | 0.40 | 6.1 | 0.02 | Mar 8, 2018 | A vulnerability in the web-based management interface of Cisco Prime Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2018-0206 | Med | 0.40 | 6.1 | 0.01 | Feb 22, 2018 | A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2018-0205 | Med | 0.40 | 6.1 | 0.01 | Feb 22, 2018 | A vulnerability in the User Provisioning tab in the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. The vulnerability is due to improper input validation. An attacker could exploit this… | ||
| CVE-2018-0199 | Med | 0.40 | 6.1 | 0.02 | Feb 22, 2018 | A vulnerability in Cisco Jabber Client Framework (JCF) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device. The vulnerability is due to improper neutralization of script in attributes in a web page.… | ||
| CVE-2018-0145 | Med | 0.40 | 6.1 | 0.01 | Feb 22, 2018 | A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface of an affected system. The… | ||
| CVE-2018-0129 | Med | 0.40 | 6.1 | 0.01 | Feb 8, 2018 | A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2018-0128 | Med | 0.40 | 6.1 | 0.01 | Feb 8, 2018 | A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2018-0098 | Med | 0.40 | 6.1 | 0.01 | Jan 18, 2018 | A vulnerability in the web-based management interface of Cisco WAP150 Wireless-AC/N Dual Radio Access Point with Power over Ethernet (PoE) and WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE could allow an unauthenticated, remote attacker to conduct a cross-site… | ||
| CVE-2018-0097 | Med | 0.40 | 6.1 | 0.01 | Jan 18, 2018 | A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect. The vulnerability is due to improper input validation of the parameters in the HTTP request. An… | ||
| CVE-2018-0093 | Med | 0.40 | 6.1 | 0.01 | Jan 18, 2018 | A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2018-0091 | Med | 0.40 | 6.1 | 0.01 | Jan 18, 2018 | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a Document Object Model (DOM) cross-site scripting (XSS) attack against a user of the web-based management interface of an… | ||
| CVE-2017-12308 | Med | 0.40 | 6.1 | 0.01 | Jan 18, 2018 | A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack against a user of the web interface of an affected system. The vulnerability is due to insufficient… | ||
| CVE-2017-12307 | Med | 0.40 | 6.1 | 0.01 | Jan 18, 2018 | A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to… | ||
| CVE-2018-0118 | Med | 0.40 | 6.1 | 0.02 | Jan 11, 2018 | A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2017-12366 | Med | 0.40 | 6.1 | 0.01 | Nov 30, 2017 | A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the… | ||
| CVE-2017-12356 | Med | 0.40 | 6.1 | 0.01 | Nov 30, 2017 | A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2017-12347 | Med | 0.40 | 6.1 | 0.01 | Nov 30, 2017 | Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a… | ||
| CVE-2017-12346 | Med | 0.40 | 6.1 | 0.01 | Nov 30, 2017 | Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a… | ||
| CVE-2017-12344 | Med | 0.40 | 6.1 | 0.01 | Nov 30, 2017 | Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a… | ||
| CVE-2017-12323 | Med | 0.40 | 6.1 | 0.01 | Nov 16, 2017 | Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The… | ||
| CVE-2017-12322 | Med | 0.40 | 6.1 | 0.01 | Nov 16, 2017 | Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The… | ||
| CVE-2017-12321 | Med | 0.40 | 6.1 | 0.01 | Nov 16, 2017 | Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The… | ||
| CVE-2017-12320 | Med | 0.40 | 6.1 | 0.01 | Nov 16, 2017 | Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The… | ||
| CVE-2017-12304 | Med | 0.40 | 6.1 | 0.01 | Nov 16, 2017 | A vulnerability in the IOS daemon (IOSd) web-based management interface of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface on an affected device. The… | ||
| CVE-2017-12292 | Med | 0.40 | 6.1 | 0.01 | Nov 16, 2017 | Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The… | ||
| CVE-2017-12291 | Med | 0.40 | 6.1 | 0.01 | Nov 16, 2017 | Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The… | ||
| CVE-2017-12290 | Med | 0.40 | 6.1 | 0.01 | Nov 16, 2017 | Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The… | ||
| CVE-2017-12283 | Med | 0.40 | 6.1 | 0.01 | Nov 2, 2017 | A vulnerability in the handling of 802.11w Protected Management Frames (PAF) by Cisco Aironet 3800 Series Access Points could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device, aka Denial of Service. The vulnerability exists… | ||
| CVE-2017-12282 | Med | 0.40 | 6.1 | 0.01 | Nov 2, 2017 | A vulnerability in the Access Network Query Protocol (ANQP) ingress frame processing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, Layer 2 RF-adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service… | ||
| CVE-2017-12298 | Med | 0.40 | 6.1 | 0.01 | Oct 19, 2017 | A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the… | ||
| CVE-2017-12296 | Med | 0.40 | 6.1 | 0.01 | Oct 19, 2017 | A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to… | ||
| CVE-2017-12288 | Med | 0.40 | 6.1 | 0.01 | Oct 19, 2017 | A vulnerability in the web-based management interface of Cisco Unified Contact Center Express could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device. The vulnerability is due to insufficient validation… | ||
| CVE-2017-12272 | Med | 0.40 | 6.1 | 0.01 | Oct 19, 2017 | A vulnerability in the web framework code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software. The vulnerability is due to insufficient input… | ||
| CVE-2017-12265 | Med | 0.40 | 6.1 | 0.01 | Oct 5, 2017 | A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device,… | ||
| CVE-2017-12258 | Med | 0.40 | 6.1 | 0.02 | Oct 5, 2017 | A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack. The vulnerability exists because the affected software does not provide sufficient protections for HTML… | ||
| CVE-2017-12257 | Med | 0.40 | 6.1 | 0.01 | Oct 5, 2017 | A vulnerability in the web framework of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation… | ||
| CVE-2017-12254 | Med | 0.40 | 6.1 | 0.02 | Sep 21, 2017 | A vulnerability in the web interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to perform a Document Object Model (DOM)-based cross-site scripting attack. The vulnerability is due to insufficient input validation of some parameters… | ||
| CVE-2017-12248 | Med | 0.40 | 6.1 | 0.02 | Sep 21, 2017 | A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to… | ||
| CVE-2017-6789 | Med | 0.40 | 6.1 | 0.01 | Sep 7, 2017 | A vulnerability in the Cisco Unified Intelligence Center web interface could allow an unauthenticated, remote attacker to impact the integrity of the system by executing a Document Object Model (DOM)-based, environment or client-side cross-site scripting (XSS) attack. The… | ||
| CVE-2017-12220 | Med | 0.40 | 6.1 | 0.01 | Sep 7, 2017 | A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The… | ||
| CVE-2017-12212 | Med | 0.40 | 6.1 | 0.01 | Sep 7, 2017 | A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input… | ||
| CVE-2017-6788 | Med | 0.40 | 6.1 | 0.01 | Aug 17, 2017 | The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected software. The vulnerability is due to… | ||
| CVE-2017-6776 | Med | 0.40 | 6.1 | 0.01 | Aug 17, 2017 | A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. The vulnerability is due to insufficient validation of… |
- risk 0.40cvss 6.1epss 0.02
A vulnerability in the WebVPN web-based management interface of Cisco Adaptive Security Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. The vulnerabilities are due to…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. The vulnerabilities are due to…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. The vulnerabilities are due to…
- risk 0.40cvss 6.1epss 0.02
A vulnerability in DesktopServlet in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to…
- risk 0.40cvss 6.1epss 0.02
A vulnerability in the web-based management interface of Cisco Unified Computing System (UCS) Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.02
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.02
A vulnerability in the web-based management interface of Cisco Prime Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the User Provisioning tab in the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. The vulnerability is due to improper input validation. An attacker could exploit this…
- risk 0.40cvss 6.1epss 0.02
A vulnerability in Cisco Jabber Client Framework (JCF) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device. The vulnerability is due to improper neutralization of script in attributes in a web page.…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface of an affected system. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco WAP150 Wireless-AC/N Dual Radio Access Point with Power over Ethernet (PoE) and WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE could allow an unauthenticated, remote attacker to conduct a cross-site…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect. The vulnerability is due to improper input validation of the parameters in the HTTP request. An…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a Document Object Model (DOM) cross-site scripting (XSS) attack against a user of the web-based management interface of an…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack against a user of the web interface of an affected system. The vulnerability is due to insufficient…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to…
- risk 0.40cvss 6.1epss 0.02
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the IOS daemon (IOSd) web-based management interface of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface on an affected device. The…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The…
- risk 0.40cvss 6.1epss 0.01
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack or redirect a user of the affected service to an undesired web page. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the handling of 802.11w Protected Management Frames (PAF) by Cisco Aironet 3800 Series Access Points could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device, aka Denial of Service. The vulnerability exists…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the Access Network Query Protocol (ANQP) ingress frame processing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, Layer 2 RF-adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device. The vulnerability is due to insufficient validation…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web framework code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software. The vulnerability is due to insufficient input…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device,…
- risk 0.40cvss 6.1epss 0.02
A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack. The vulnerability exists because the affected software does not provide sufficient protections for HTML…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web framework of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation…
- risk 0.40cvss 6.1epss 0.02
A vulnerability in the web interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to perform a Document Object Model (DOM)-based cross-site scripting attack. The vulnerability is due to insufficient input validation of some parameters…
- risk 0.40cvss 6.1epss 0.02
A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the Cisco Unified Intelligence Center web interface could allow an unauthenticated, remote attacker to impact the integrity of the system by executing a Document Object Model (DOM)-based, environment or client-side cross-site scripting (XSS) attack. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input…
- risk 0.40cvss 6.1epss 0.01
The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected software. The vulnerability is due to…
- risk 0.40cvss 6.1epss 0.01
A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. The vulnerability is due to insufficient validation of…
Page 61 of 144