Lucene search
K
CiscoVision Dynamic Signage Director

9 matches found

CVE
CVE
added 2020/10/08 4:21 a.m.66 views

CVE-2020-3598

CVE-2020-3598 affects Cisco Vision Dynamic Signage Director web-based management interface. An unauthenticated, remote attacker can access a portion of the interface due to missing authentication in a specific web UI section, by requesting a crafted URL. This could allow reading confidential info...

6.5CVSS6.4AI score0.00947EPSS
CVE
CVE
added 2020/08/26 4:16 p.m.63 views

CVE-2020-3485

CVE-2020-3485 describes a vulnerability in the web management software of Cisco Vision Dynamic Signage Director’s RBAC. The issue arises from improper handling of RBAC in the web interface, enabling an authenticated, remote attacker to view and delete screen content they should not access via a c...

6.5CVSS6.2AI score0.00676EPSS
CVE
CVE
added 2020/09/23 12:26 a.m.60 views

CVE-2019-16004

CVE-2019-16004 affects Cisco Vision Dynamic Signage Director; REST API endpoints permit an unauthenticated remote attacker to bypass authentication due to missing authentication on some API calls. Impact: attacker could interact with parts of the API. Affected software versions include releases p...

6.5CVSS6.6AI score0.01027EPSS
CVE
CVE
added 2020/08/26 4:16 p.m.56 views

CVE-2020-3484

The CVE-2020-3484 issue affects Cisco Vision Dynamic Signage Director’s web-based management interface, caused by incorrect permissions in the Apache configuration. This allows an unauthenticated remote attacker to view potentially sensitive information on affected devices by sending a crafted HT...

5.3CVSS5.1AI score0.01095EPSS
CVE
CVE
added 2020/08/26 4:16 p.m.54 views

CVE-2020-3490

The CVE-2020-3490 issue affects Cisco Vision Dynamic Signage Director. A vulnerability in the web-based management interface allows an authenticated, remote attacker with administrative privileges to perform directory traversal and read files on the underlying OS with root privileges due to impro...

6.8CVSS4.9AI score0.03041EPSS
CVE
CVE
added 2021/10/06 7:46 p.m.54 views

CVE-2021-34742

Cisco Vision Dynamic Signage Director is affected by a reflected XSS in its web-based management interface due to insufficient validation of user-supplied input. An unauthenticated, remote attacker can lure a user to click a crafted link, potentially executing arbitrary script code in the interfa...

6.1CVSS5.9AI score0.0075EPSS
CVE
CVE
added 2020/08/26 4:15 p.m.53 views

CVE-2020-3491

CVE-2020-3491 affects Cisco Vision Dynamic Signage Director Web Management Interface. The root cause is improper validation of user-supplied input in the web interface, enabling an authenticated, administrative user to perform a stored XSS attack against other interface users. Impact described ac...

5.5CVSS5AI score0.00617EPSS
CVE
CVE
added 2019/07/17 8:15 p.m.46 views

CVE-2019-1917

Cisco Vision Dynamic Signage Director contains a REST API authentication bypass. A remote, unauthenticated attacker can craft HTTP requests to the REST API, due to insufficient validation, to bypass authentication and perform arbitrary actions with administrative privileges. The REST API is enabl...

10CVSS9.7AI score0.0534EPSS
CVE
CVE
added 2020/07/16 5:35 p.m.43 views

CVE-2020-3450

Cisco Vision Dynamic Signage Director is affected by CVE-2020-3450 via the web-based management interface. The issue is a SQL injection caused by improper validation of user-submitted parameters, exploitable by an authenticated attacker with administrative credentials. Successful exploitation cou...

4.9CVSS5.5AI score0.01021EPSS