Vulnerabilities > Cisco > Industrial Network Director > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-01-20 CVE-2023-20037 Cross-site Scripting vulnerability in Cisco Industrial Network Director
A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. The vulnerability is due to improper validation of content submitted to the affected application.
network
low complexity
cisco CWE-79
5.4
5.4
2020-10-08 CVE-2020-3567 Improper Input Validation vulnerability in Cisco Industrial Network Director and Network Level Service
A vulnerability in the management REST API of Cisco Industrial Network Director (IND) could allow an authenticated, remote attacker to cause the CPU utilization to increase to 100 percent, resulting in a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-20
6.5
6.5
2019-11-26 CVE-2019-15973 Cross-site Scripting vulnerability in Cisco Industrial Network Director and Network Level Service
A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected application.
network
low complexity
cisco CWE-79
6.1
6.1
2019-07-17 CVE-2019-1940 Improper Certificate Validation vulnerability in Cisco Industrial Network Director
A vulnerability in the Web Services Management Agent (WSMA) feature of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate.
network
high complexity
cisco CWE-295
5.9
5.9
2019-06-05 CVE-2019-1882 Cross-site Scripting vulnerability in Cisco Industrial Network Director 1.5(0.250)
A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks.
network
low complexity
cisco CWE-79
5.4
5.4
2018-10-05 CVE-2018-15392 Unspecified vulnerability in Cisco Industrial Network Director
A vulnerability in the DHCP service of Cisco Industrial Network Director could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.
low complexity
cisco
4.3
4.3
2017-06-13 CVE-2017-6675 Cross-site Scripting vulnerability in Cisco Industrial Network Director 1.1(0.176)
A vulnerability in the web interface of Cisco Industrial Network Director could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against an affected system.
network
low complexity
cisco CWE-79
6.1
6.1