Vulnerabilities > Cisco > Ic3000 Industrial Compute Gateway > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-04-15 CVE-2022-20724 Race Condition vulnerability in Cisco products
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software.
network
high complexity
cisco CWE-362
5.3
5.3
2022-04-15 CVE-2022-20725 Cross-site Scripting vulnerability in Cisco products
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software.
network
low complexity
cisco CWE-79
4.8
4.8
2022-04-15 CVE-2022-20727 Path Traversal vulnerability in Cisco products
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software.
local
low complexity
cisco CWE-22
6.7
6.7