Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-27 | CVE-2022-20671 | Cross-site Scripting vulnerability in Cisco Common Services Platform Collector Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2022-05-27 | CVE-2022-20672 | Cross-site Scripting vulnerability in Cisco Common Services Platform Collector Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2022-05-27 | CVE-2022-20673 | Cross-site Scripting vulnerability in Cisco Common Services Platform Collector Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2022-05-27 | CVE-2022-20674 | Cross-site Scripting vulnerability in Cisco Common Services Platform Collector Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2022-05-27 | CVE-2022-20765 | Cross-site Scripting vulnerability in Cisco UCS Director A vulnerability in the web applications of Cisco UCS Director could allow an authenticated, remote attacker to conduct a cross-site scripting attack on an affected system. | 4.8 |
| 2022-05-27 | CVE-2022-20797 | OS Command Injection vulnerability in Cisco Secure Network Analytics 2.1.1 A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. | 9.1 |
| 2022-05-27 | CVE-2022-20802 | Cross-site Scripting vulnerability in Cisco Enterprise Chat and Email A vulnerability in the web interface of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 5.4 |
| 2022-05-27 | CVE-2022-20806 | Information Exposure Through Log Files vulnerability in Cisco Telepresence Video Communication Server Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. | 7.1 |
| 2022-05-27 | CVE-2022-20807 | Information Exposure Through Log Files vulnerability in Cisco Telepresence Video Communication Server Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. | 6.5 |
| 2022-05-26 | CVE-2022-20809 | Information Exposure Through Log Files vulnerability in Cisco Telepresence Video Communication Server Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. | 6.5 |