1098 matches found
CVE-2022-20786 Cisco Unified Communications Manager IM & Presence Service SQL Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of...
CVE-2022-20735 Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...
CVE-2022-20735 Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...
Cross site scripting
A vulnerability in the web-based management interface of the Network Diagrams application for Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This...
CVE-2022-20741 Cisco Secure Network Analytics Network Diagrams Application Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of the Network Diagrams application for Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This...
CVE-2022-20741
CVE-2022-20741 concerns the web-based management interface of Cisco Secure Network Analytics (Network Diagrams application). The issue is a cross-site scripting (XSS) vulnerability arising from insufficient validation of user-supplied input in the interface. An authenticated, remote attacker coul...
CVE-2022-20680
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper enforcement of Administrator privilege levels for low-value sensitive dat...
CVE-2022-20680 Cisco Prime Service Catalog Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper enforcement of Administrator privilege levels for low-value sensitive dat...
Cisco Security Manager Cross-Site Scripting Vulnerability
Cisco Security Manager CSM is a set of enterprise-level management applications from Cisco, which are used to configure firewall, VPN, and intrusion protection security services on Cisco networks and security devices. cross-site scripting vulnerability exists in Cisco Security Manager, which stem...
CVE-2022-20647
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...
CVE-2022-20636
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...
Cross site scripting
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...
CVE-2022-20638 Cisco Security Manager Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...
CVE-2022-20636 Cisco Security Manager Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...
CVE-2022-20635 Cisco Security Manager Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...
CVE-2022-20658
CVE-2022-20658 affects Cisco Unified Contact Center Management Portal (Unified CCMP) and Unified Contact Center Domain Manager (Unified CCDM). The issue is a privilege-escalation flaw caused by lack of server-side validation of user permissions in the web-based management interface. An authentica...
CVE-2022-20647 Cisco Security Manager Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...
CVE-2022-20647 Cisco Security Manager Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...
CVE-2022-20646 Cisco Security Manager Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...
CVE-2022-20646
Cisco Security Manager’s web-based management interface contains cross-site scripting vulnerabilities due to insufficient input validation. An unauthenticated, remote attacker could persuade a user to click a crafted link and potentially execute arbitrary script code within the interface or acces...