Vulnerabilities > Cisco > IOT Field Network Director > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-18 | CVE-2020-26081 | Injection vulnerability in Cisco IOT Field Network Director Multiple vulnerabilities in the web UI of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users on an affected system. | 6.1 |
| 2020-11-18 | CVE-2020-26080 | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the user management functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to manage user information for users in different domains on an affected system. | 4.1 |
| 2020-11-18 | CVE-2020-26079 | Insufficiently Protected Credentials vulnerability in Cisco IOT Field Network Director A vulnerability in the web UI of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to obtain hashes of user passwords on an affected device. | 4.9 |
| 2020-11-18 | CVE-2020-26078 | Path Traversal vulnerability in Cisco IOT Field Network Director A vulnerability in the file system of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to overwrite files on an affected system. | 6.5 |
| 2020-11-18 | CVE-2020-26077 | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the access control functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to view lists of users from different domains that are configured on an affected system. | 4.3 |
| 2019-02-21 | CVE-2019-1698 | XXE vulnerability in Cisco IOT Field Network Director A vulnerability in the web-based user interface of Cisco Internet of Things Field Network Director (IoT-FND) Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. | 4.9 |