CVE-2020-3532 Cisco Unified Communications Products Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to...

CVE-2020-3539 Cisco Data Center Network Manager Authorization Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to a failure to limit access to resources that are intended for use...

CVE-2024-20540

A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal Unified CCMP could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability exists...

CVE-2024-20540 Cisco Unified Contact Center Management Portal Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal Unified CCMP could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability exists...

CVE-2024-20540 Cisco Unified Contact Center Management Portal Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal Unified CCMP could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability exists...

CVE-2024-20540

Cisco CVE-2024-20540 affects the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP). The issue is a stored cross-site scripting (XSS) vulnerability caused by improper validation of user-supplied input in a page of the interface. An authenticated attack...

CVE-2024-20530

Cisco ISE contains a web-based management interface XSS vulnerability (CVE-2024-20530). The issue arises from improper input validation in the interface, enabling an unauthenticated, remote attacker to lure a user via a crafted link to execute arbitrary script code in the user’s browser or access...

CVE-2024-20514

Cisco EPNM and Cisco Prime Infrastructure web-based management interfaces are affected by a stored cross-site scripting (XSS) vulnerability that arises from improper input validation. An authenticated, low-privileged attacker could inject malicious code via a targeted page, enabling execution of ...

CVE-2024-20507 Cisco Meeting Management Information Disclosure Vulnerability

A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of sensitive information within the web-based management interface of...

CVE-2024-20487 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabiliy

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an...

Cisco Unified Contact Center Management Portal Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal Unified CCMP could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability exists...

PT-2024-9007 · Cisco · Cisco Meeting Management

Name of the Vulnerable Software and Affected Versions: Cisco Meeting Management affected versions not specified Description: A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated, remote attacker to view sensitive information in clear text on an affecte...

CVE-2024-10381

This vulnerability exists in Matrix Door Controller Cosec Vega FAXQ due to improper implementation of session management at the web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http request on the vulnerable device. Successful...

PT-2024-16234 · Unknown · Matrix Door Controller Cosec Vega Faxq

Name of the Vulnerable Software and Affected Versions: Matrix Door Controller Cosec Vega FAXQ affected versions not specified Description: The issue arises from improper implementation of session management at the web-based management interface. A remote attacker could exploit this by sending a...

CVE-2024-20409

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient...

CVE-2024-20482

CVE-2024-20482 affects Cisco Secure Firewall Management Center (FMC) web-based management interface. An authenticated user with a custom read-only role can exploit insufficient validation of role permissions to perform a write operation, potentially modifying certain parts of the configuration. T...

CVE-2024-20409

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient...

CVE-2024-20387

CVE-2024-20387 affects Cisco FMC Software (Web-based management interface). The issue is due to improper input sanitization, enabling an authenticated, remote attacker to store malicious content for stored XSS by persuading a user to click a malicious link. Impact is stored XSS on the affected de...

CVE-2024-20379

Cisco Secure Firewall Management Center (FMC) Software contains a vulnerability in its web-based management interface that could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. The issue arises from improper validation of user-supplied input; ...

CVE-2024-20377

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to the web-based management interface not...