Vulnerabilities > Cisco > DNA Center
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-20 | CVE-2021-1303 | Unspecified vulnerability in Cisco DNA Center A vulnerability in the user management roles of Cisco DNA Center could allow an authenticated, remote attacker to execute unauthorized commands on an affected device. | 8.8 |
| 2021-01-20 | CVE-2021-1265 | Unspecified vulnerability in Cisco DNA Center A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any privilege-level authenticated, remote attacker to obtain the full unmasked running configuration of managed devices. | 6.5 |
| 2021-01-20 | CVE-2021-1264 | Unspecified vulnerability in Cisco DNA Center A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. | 8.8 |
| 2021-01-20 | CVE-2021-1257 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to manipulate an authenticated user into executing malicious actions without their awareness or consent. | 8.8 |
| 2021-01-13 | CVE-2021-1130 | Cross-site Scripting vulnerability in Cisco DNA Center A vulnerability in the web-based management interface of Cisco DNA Center software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 4.8 |
| 2020-08-26 | CVE-2020-3466 | Cross-site Scripting vulnerability in Cisco DNA Center Multiple vulnerabilities in the web-based management interface of Cisco DNA Center software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
| 2020-08-17 | CVE-2020-3411 | Improper Authentication vulnerability in Cisco DNA Center A vulnerability in Cisco DNA Center software could allow an unauthenticated remote attacker access to sensitive information on an affected system. | 7.5 |
| 2020-02-05 | CVE-2019-15253 | Cross-site Scripting vulnerability in Cisco DNA Center A vulnerability in the web-based management interface of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.8 |
| 2019-04-18 | CVE-2019-1841 | Improper Input Validation vulnerability in Cisco DNA Center A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. | 8.1 |
| 2019-03-11 | CVE-2019-1707 | Cross-site Scripting vulnerability in Cisco DNA Center A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 5.4 |