Vulnerabilities > Cisco > Industrial Network Director > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-20 | CVE-2023-20038 | Use of Hard-coded Credentials vulnerability in Cisco Industrial Network Director A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key used to store both local data and credentials for accessing remote systems. This vulnerability is due to a static key value stored in the application used to encrypt application data and remote credentials. | 8.8 |
| 2019-06-05 | CVE-2019-1881 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Industrial Network Director 1.5(0.250) A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2019-06-05 | CVE-2019-1861 | Unrestricted Upload of File with Dangerous Type vulnerability in Cisco Industrial Network Director A vulnerability in the software update feature of Cisco Industrial Network Director could allow an authenticated, remote attacker to execute arbitrary code. | 7.2 |