VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,110 total · sorted by risk
  • CVE-2024-20479MedAug 7, 2024
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management…

  • CVE-2024-20400MedJul 17, 2024
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the web-based management interface of Cisco Expressway Series could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could…

  • CVE-2024-20296MedJul 17, 2024
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit this vulnerability, an attacker would need at least valid Policy Admin…

  • CVE-2024-20405MedJun 5, 2024
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. This vulnerability is due to insufficient validation of user-supplied input for specific…

  • CVE-2024-20383MedMay 15, 2024
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation…

  • CVE-2024-20369MedMay 15, 2024
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the web-based management interface of Cisco Crosswork Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of a parameter in…

  • CVE-2024-20257MedMay 15, 2024
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.r This vulnerability is due to insufficient validation of user…

  • CVE-2024-20256MedMay 15, 2024
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to…

  • CVE-2024-20354MedMar 27, 2024
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to incomplete cleanup of…

  • CVE-2024-20305MedJan 26, 2024
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does…

  • CVE-2024-20270MedJan 17, 2024
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the…

  • CVE-2024-20251MedJan 17, 2024
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability exists…

  • CVE-2023-20257MedJan 17, 2024
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct cross-site scripting attacks. This vulnerability is due to improper validation of user-supplied input to the web-based management…

  • CVE-2023-20208MedNov 21, 2023
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the web-based management interface of an affected device.

  • CVE-2023-20196MedNov 1, 2023
    risk 0.31cvss 4.7epss 0.01

    Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to…

  • CVE-2023-20195MedNov 1, 2023
    risk 0.31cvss 4.7epss 0.01

    Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to…

  • CVE-2023-20074MedNov 1, 2023
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These…

  • CVE-2023-20041MedNov 1, 2023
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These…

  • CVE-2023-20005MedNov 1, 2023
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These…

  • CVE-2023-20268MedSep 27, 2023
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling…

  • CVE-2023-20263MedSep 6, 2023
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request.…

  • CVE-2023-20222MedAug 16, 2023
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected…

  • CVE-2023-20201MedAug 16, 2023
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface…

  • CVE-2023-20242MedAug 16, 2023
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an…

  • CVE-2023-20188MedJun 28, 2023
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an authenticated, remote attacker to conduct a…

  • CVE-2023-20003MedMay 18, 2023
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. This vulnerability is due to a logic error with the social login…

  • CVE-2023-20007MedJan 20, 2023
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code or cause the web-based management process on the device to restart…

  • CVE-2022-20967MedJan 20, 2023
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conduct cross-site scripting attacks against other users of the application web-based management interface. This vulnerability is due to…

  • CVE-2022-20936MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20935MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20932MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20905MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20872MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20843MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20840MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20839MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20838MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20836MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20835MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20834MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20833MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20832MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20831MedNov 15, 2022
    risk 0.31cvss 4.8epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. …

  • CVE-2022-20969MedNov 4, 2022
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the Cisco Umbrella dashboard. This vulnerability is due to unsanitized user input. An…

  • CVE-2022-20868MedNov 4, 2022
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid…

  • CVE-2022-20772MedNov 4, 2022
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to the failure of the application or its environment to…

  • CVE-2022-20728MedSep 30, 2022
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the…

  • CVE-2021-27853MedSep 27, 2022
    risk 0.31cvss 4.7epss 0.01

    Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.

  • CVE-2022-20912MedJul 22, 2022
    risk 0.31cvss 4.7epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting…

  • CVE-2022-20911MedJul 22, 2022
    risk 0.31cvss 4.7epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting…

Page 81 of 143