Vulnerabilities > Cisco > Smart Software Manager ON Prem > 6.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-18 | CVE-2023-20110 | SQL Injection vulnerability in Cisco Smart Software Manager On-Prem A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 6.5 |
| 2021-10-06 | CVE-2021-34766 | Improper Privilege Management vulnerability in Cisco Smart Software Manager On-Prem A vulnerability in the web UI of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges and create, read, update, or delete records and settings in multiple functions. | 8.8 |
| 2020-06-18 | CVE-2020-3245 | Missing Authorization vulnerability in Cisco Smart Software Manager On-Prem A vulnerability in the web application of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to create arbitrary user accounts. | 5.3 |
| 2020-02-19 | CVE-2020-3158 | Use of Hard-coded Credentials vulnerability in Cisco Smart Software Manager On-Prem A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. | 9.1 |
| 2020-01-26 | CVE-2019-16029 | Improper Input Validation vulnerability in Cisco Smart Software Manager On-Prem 5.0/5.1.0/6.3.0 A vulnerability in the application programming interface (API) of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service (DoS) condition of the web interface. | 9.1 |