1098 matches found
CVE-2022-20670
CVE-2022-20670 describes multiple cross-site scripting vulnerabilities in Cisco’s Common Services Platform Collector (CSPC) web-based management interface. The flaws arise from insufficient validation of user-supplied input, enabling an unauthenticated, remote attacker to lure a user to click a c...
CVE-2022-20667
Cisco CSPC (Common Services Platform Collector) suffers cross-site scripting (XSS) flaws in its web-based management interface due to insufficient input validation. Exploitation requires a user to click a crafted link, enabling an attacker to run arbitrary script code in the interface context or ...
CVE-2022-20666 Cisco Common Services Platform Collector Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector CSPC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient...
CVE-2022-20666
CVE-2022-20666 affects Cisco Common Services Platform Collector (CSPC). The issue is multiple cross-site scripting (XSS) vulnerabilities in the web-based management interface caused by insufficient validation of user-supplied input. An unauthenticated, remote attacker could persuade a user to cli...
Cisco Secure Network Analytics Remote Code Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. This vulnerability is due to...
Siemens SICAM P850 and SICAM P855 Devices Authentication Vulnerability (CNVD-2022-36392)
The SICAM P850 Multifunctional Measurement Device is used to collect, visualize, evaluate and transmit electrical measurement variables such as AC current, AC voltage, frequency, power, harmonics, etc. The SICAM P855 Multifunctional Device is used to collect, display and transmit measured...
Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of...
CVE-2022-20801
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to...
CVE-2022-20799
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to...
CVE-2022-20753 Cisco Small Business RV Series Routers Remote Code Execution Vulnerability
A vulnerability in web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack. This vulnerability is due to improper validation of user-supplied input to the web-based management...
CVE-2022-20629
Cisco Firepower Management Center (FMC) Web UI suffers cross-site scripting (XSS) vulnerabilities due to insufficient validation of user input in the web-based management interface. An authenticated remote attacker could lure a user to click a crafted link, potentially executing arbitrary script ...
CVE-2022-20629 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of...
CVE-2022-20740 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack. This vulnerability is due to improper validation of user-supplied input to the web-based management...
CVE-2022-20740 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack. This vulnerability is due to improper validation of user-supplied input to the web-based management...
Cisco Unified Communications Products Arbitrary File Read (cisco-sa-ucm-file-read-h8h4HEJ3)
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system...
Cisco Unified Communications Products XSRF (cisco-sa-ucm-csrf-jrKP4eNT)
According to its self-reported version number, the web-based management interface of the Cisco Unified Communications Manager Unified CM and Cisco Unified CM Session Management Edition is affected by a cross-site request forgery vulnerability. An authenticated, remote attacker can exploit this...
CVE-2022-20787
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an authenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...
Cross site request forgery (csrf)
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an authenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...
CVE-2022-20788
The CVE-2022-20788 issue affects Cisco Unified Communications Manager (Unified CM), Unified CM Session Management Edition (Unified CM SME), and Cisco Unity Connection. It is a cross-site scripting (XSS) vulnerability in the web-based management interface caused by insufficient validation of user-...