Vulnerabilities > Cisco > DNA Center > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-18 | CVE-2023-20183 | Files or Directories Accessible to External Parties vulnerability in Cisco DNA Center Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. | 4.3 |
| 2023-05-18 | CVE-2023-20184 | Files or Directories Accessible to External Parties vulnerability in Cisco DNA Center Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. | 4.3 |
| 2023-03-23 | CVE-2023-20059 | Cleartext Storage of Sensitive Information vulnerability in Cisco DNA Center A vulnerability in the implementation of the Cisco Network Plug-and-Play (PnP) agent of Cisco DNA Center could allow an authenticated, remote attacker to view sensitive information in clear text. | 6.5 |
| 2022-02-10 | CVE-2022-20630 | Information Exposure Through Log Files vulnerability in Cisco DNA Center A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker to view sensitive information in clear text. | 4.4 |
| 2021-10-06 | CVE-2021-34782 | Unspecified vulnerability in Cisco DNA Center A vulnerability in the API endpoints for Cisco DNA Center could allow an authenticated, remote attacker to gain access to sensitive information that should be restricted. | 4.3 |
| 2021-01-20 | CVE-2021-1265 | Unspecified vulnerability in Cisco DNA Center A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any privilege-level authenticated, remote attacker to obtain the full unmasked running configuration of managed devices. | 6.5 |
| 2021-01-13 | CVE-2021-1130 | Cross-site Scripting vulnerability in Cisco DNA Center A vulnerability in the web-based management interface of Cisco DNA Center software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 4.8 |
| 2020-08-26 | CVE-2020-3466 | Cross-site Scripting vulnerability in Cisco DNA Center Multiple vulnerabilities in the web-based management interface of Cisco DNA Center software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
| 2020-02-05 | CVE-2019-15253 | Cross-site Scripting vulnerability in Cisco DNA Center A vulnerability in the web-based management interface of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.8 |
| 2019-03-11 | CVE-2019-1707 | Cross-site Scripting vulnerability in Cisco DNA Center A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 5.4 |