Vulnerabilities > Cisco > Intersight Virtual Appliance > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-16 | CVE-2023-20237 | Command Injection vulnerability in Cisco Intersight Virtual Appliance A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible. This vulnerability is due to insufficient restrictions on internally accessible http proxies. | 4.3 |
| 2021-07-22 | CVE-2021-1617 | Path Traversal vulnerability in Cisco Intersight Virtual Appliance 1.0.9148/1.0.9150/1.0.9230 Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. | 6.5 |