Lucene search
K

67 matches found

Cisco
Cisco
added 2020/10/07 4:0 p.m.24 views

Cisco Vision Dynamic Signage Director Missing Authentication Vulnerability

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to access confidential information or make configuration changes. The vulnerability is due to missing authentication for a specific section of the web-bas...

6.5CVSS1.5AI score0.00947EPSS
Exploits0References1
OSV
OSV
added 2020/09/23 1:15 a.m.4 views

CVE-2019-16004

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...

6.5CVSS6.7AI score0.01027EPSS
Exploits0References1
NVD
NVD
added 2020/09/23 1:15 a.m.28 views

CVE-2019-16004

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...

6.5CVSS0.01027EPSS
Exploits0References1
Prion
Prion
added 2020/09/23 1:15 a.m.14 views

Authentication flaw

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...

6.4CVSS6.6AI score0.01027EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/09/23 12:26 a.m.28 views

CVE-2019-16004 Cisco Vision Dynamic Signage Director Authentication Bypass Vulnerability

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...

6.5CVSS6.7AI score0.01027EPSS
Exploits0References1
CVE
CVE
added 2020/09/23 12:26 a.m.60 views

CVE-2019-16004

CVE-2019-16004 affects Cisco Vision Dynamic Signage Director; REST API endpoints permit an unauthenticated remote attacker to bypass authentication due to missing authentication on some API calls. Impact: attacker could interact with parts of the API. Affected software versions include releases p...

6.5CVSS6.6AI score0.01027EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/09/03 12:0 a.m.5 views

The vulnerability in the web interface of the Cisco Vision Dynamic Signage Director system allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Cisco Vision Dynamic Signage Director web interface management interface is related to configuration errors in Apache. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information by sending a specially...

5.3CVSS5.9AI score0.01095EPSS
Exploits0References3
OSV
OSV
added 2020/08/26 5:15 p.m.6 views

CVE-2020-3490

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct directory traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability...

4.9CVSS5.9AI score0.03041EPSS
Exploits0References1
NVD
NVD
added 2020/08/26 5:15 p.m.16 views

CVE-2020-3490

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct directory traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability...

6.8CVSS4.9AI score0.03041EPSS
Exploits0References1
OSV
OSV
added 2020/08/26 5:15 p.m.5 views

CVE-2020-3491

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. The vulnerability exists...

4.8CVSS6.1AI score0.00617EPSS
Exploits0References1
NVD
NVD
added 2020/08/26 5:15 p.m.24 views

CVE-2020-3491

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. The vulnerability exists...

5.5CVSS5.2AI score0.00617EPSS
Exploits0References1
NVD
NVD
added 2020/08/26 5:15 p.m.41 views

CVE-2020-3484

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device. The vulnerability is due to incorrect permissions within Apache configuration. An attacke...

5.3CVSS5.1AI score0.01095EPSS
Exploits0References1
OSV
OSV
added 2020/08/26 5:15 p.m.5 views

CVE-2020-3485

A vulnerability in the role-based access control RBAC functionality of the web management software of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to...

6.3CVSS6.6AI score0.00676EPSS
Exploits0References1
OSV
OSV
added 2020/08/26 5:15 p.m.4 views

CVE-2020-3484

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device. The vulnerability is due to incorrect permissions within Apache configuration. An attacke...

5.3CVSS6.1AI score0.01095EPSS
Exploits0References1
NVD
NVD
added 2020/08/26 5:15 p.m.18 views

CVE-2020-3485

A vulnerability in the role-based access control RBAC functionality of the web management software of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to...

6.5CVSS6.2AI score0.00676EPSS
Exploits0References1
Prion
Prion
added 2020/08/26 5:15 p.m.15 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. The vulnerability exists...

3.5CVSS5AI score0.00617EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/08/26 5:15 p.m.17 views

Design/Logic Flaw

A vulnerability in the role-based access control RBAC functionality of the web management software of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to...

6.5CVSS6.2AI score0.00676EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/08/26 5:15 p.m.19 views

Input validation

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device. The vulnerability is due to incorrect permissions within Apache configuration. An attacke...

5CVSS5.1AI score0.01095EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/08/26 5:15 p.m.13 views

Directory traversal

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct directory traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability...

6.8CVSS4.9AI score0.03041EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2020/08/26 4:16 p.m.11 views

CVE-2020-3484 Cisco Vision Dynamic Signage Director Directory Traversal Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device. The vulnerability is due to incorrect permissions within Apache configuration. An attacke...

5.3CVSS6.5AI score0.01095EPSS
Exploits0References1
Rows per page
Query Builder