Vulnerabilities > Cisco > Industrial Network Director > 1.6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-20 | CVE-2023-20037 | Cross-site Scripting vulnerability in Cisco Industrial Network Director A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. The vulnerability is due to improper validation of content submitted to the affected application. | 5.4 |
| 2020-10-08 | CVE-2020-3567 | Improper Input Validation vulnerability in Cisco Industrial Network Director and Network Level Service A vulnerability in the management REST API of Cisco Industrial Network Director (IND) could allow an authenticated, remote attacker to cause the CPU utilization to increase to 100 percent, resulting in a denial of service (DoS) condition on an affected device. | 6.5 |
| 2019-11-26 | CVE-2019-15973 | Cross-site Scripting vulnerability in Cisco Industrial Network Director and Network Level Service A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected application. | 6.1 |
| 2019-07-17 | CVE-2019-1940 | Improper Certificate Validation vulnerability in Cisco Industrial Network Director A vulnerability in the Web Services Management Agent (WSMA) feature of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate. | 5.9 |