CVE-2021-1186

Cisco CVE-2021-1186 affects the Cisco Small Business RV110W, RV130, RV130W, and RV215W routers via multiple vulnerabilities in the web-based management interface. The root cause is improper validation of user-supplied input in the web UI, exploitable by an authenticated attacker with valid admini...

CVE-2021-1183

Cisco Small Business RV110W/RV130/RV130W/RV215W routers are affected by CVE-2021-1183 due to improper validation in the web-based management interface. An authenticated administrator could exploit crafted HTTP requests to potentially execute arbitrary code as root or cause a device restart (DoS)....

CVE-2021-1239 Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected system. The vulnerabilities exist because the...

CVE-2021-1200

CVE-2021-1200 affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The web-based management interface contains input validation weaknesses that could allow an authenticated attacker with administrator credentials to execute arbitrary code as root or trigger a restart/DoS by sen...

PT-2021-1638 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC affected versions not specified Description: The issue is related to multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC, which could allow an...

Cross site scripting

A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability exists because the web-based management interface does not...

CVE-2020-3515 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation o...

CVE-2020-3553

CVE-2020-3553 affects Cisco Firepower Management Center (FMC) Web UI. Multiple XSS vulnerabilities arise from insufficient validation in the web-based management interface, allowing an unauthenticated, remote attacker to lure a user via a crafted link and execute arbitrary script code or view sen...

Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation o...

Design/Logic Flaw

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to modify parts of the configuration on an affected device. The vulnerability is due to improper enforcement of role-based access control RBAC within the...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficien...

CVE-2020-3320 Cisco Firepower Management Center Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficien...

CVE-2020-3320 Cisco Firepower Management Center Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficien...

CVE-2020-3135

A vulnerability in the web-based management interface of Cisco Unified Communications Manager UCM could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based...

CVE-2020-3124 Cisco Hosted Collaboration Mediation Fulfillment Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based interface of Cisco Hosted Collaboration Mediation Fulfillment HCM-F could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to insufficient CSRF protections by the affected...

Design/Logic Flaw

A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance ESA, Cisco Content Security Management Appliance SMA, and Cisco Web Security Appliance WSA could allow an authenticated, remote attacker to access sensitive information on an affecte...

Cisco Email Security Appliance Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to insufficient validation of requests that are se...

CVE-2020-3466

Multiple vulnerabilities in the web-based management interface of Cisco DNA Center software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. The vulnerabilities exist because the web-based managemen...

CVE-2020-3484

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device. The vulnerability is due to incorrect permissions within Apache configuration. An attacke...

CVE-2020-3466 Cisco DNA Center Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco DNA Center software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. The vulnerabilities exist because the web-based managemen...