Vulnerabilities > Cisco > Nexus Dashboard > 2.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-01 | CVE-2023-20014 | Resource Exhaustion vulnerability in Cisco Nexus Dashboard A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DNS requests. | 7.5 |
2023-03-01 | CVE-2023-20053 | Cross-site Scripting vulnerability in Cisco Nexus Dashboard A vulnerability in the web-based management interface of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This vulnerability is due to insufficient user input validation. | 6.1 |
2022-07-22 | CVE-2022-20906 | Improper Privilege Management vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
2022-07-22 | CVE-2022-20907 | Improper Privilege Management vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
2022-07-22 | CVE-2022-20908 | Improper Input Validation vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
2022-07-22 | CVE-2022-20909 | Improper Input Validation vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
2022-07-22 | CVE-2022-20913 | Improper Input Validation vulnerability in Cisco Nexus Dashboard A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. | 6.5 |
2022-07-21 | CVE-2022-20857 | Missing Authentication for Critical Function vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. | 9.8 |
2022-07-21 | CVE-2022-20858 | Missing Authentication for Critical Function vulnerability in Cisco Nexus Dashboard Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. | 9.8 |
2022-07-21 | CVE-2022-20860 | Improper Certificate Validation vulnerability in Cisco Nexus Dashboard A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information. | 7.4 |