Vulnerabilities > Cisco > DNA Center > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-27 | CVE-2023-20223 | Unspecified vulnerability in Cisco DNA Center A vulnerability in Cisco DNA Center could allow an unauthenticated, remote attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control enforcement on API requests. | 8.2 |
| 2023-05-18 | CVE-2023-20182 | Improper Input Validation vulnerability in Cisco DNA Center Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. | 8.8 |
| 2023-03-23 | CVE-2023-20055 | Unspecified vulnerability in Cisco DNA Center A vulnerability in the management API of Cisco DNA Center could allow an authenticated, remote attacker to elevate privileges in the context of the web-based management interface on an affected device. | 8.8 |
| 2021-06-29 | CVE-2021-1134 | Improper Certificate Validation vulnerability in Cisco DNA Center A vulnerability in the Cisco Identity Services Engine (ISE) integration feature of the Cisco DNA Center Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. | 7.4 |
| 2021-01-20 | CVE-2021-1303 | Unspecified vulnerability in Cisco DNA Center A vulnerability in the user management roles of Cisco DNA Center could allow an authenticated, remote attacker to execute unauthorized commands on an affected device. | 8.8 |
| 2021-01-20 | CVE-2021-1264 | Unspecified vulnerability in Cisco DNA Center A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. | 8.8 |
| 2021-01-20 | CVE-2021-1257 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to manipulate an authenticated user into executing malicious actions without their awareness or consent. | 8.8 |
| 2020-08-17 | CVE-2020-3411 | Improper Authentication vulnerability in Cisco DNA Center A vulnerability in Cisco DNA Center software could allow an unauthenticated remote attacker access to sensitive information on an affected system. | 7.5 |
| 2019-04-18 | CVE-2019-1841 | Improper Input Validation vulnerability in Cisco DNA Center A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. | 8.1 |