Vulnerabilities > Cisco > Smart Software Manager ON Prem > 7.201910

DATE CVE VULNERABILITY TITLE RISK
2023-05-18 CVE-2023-20110 SQL Injection vulnerability in Cisco Smart Software Manager On-Prem
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.
network
low complexity
cisco CWE-89
6.5
6.5
2021-10-06 CVE-2021-34766 Improper Privilege Management vulnerability in Cisco Smart Software Manager On-Prem
A vulnerability in the web UI of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges and create, read, update, or delete records and settings in multiple functions.
network
low complexity
cisco CWE-269
8.8
8.8
2020-06-18 CVE-2020-3245 Missing Authorization vulnerability in Cisco Smart Software Manager On-Prem 7201910/7202001
A vulnerability in the web application of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to create arbitrary user accounts.
network
low complexity
cisco CWE-862
5.0
5.0
2020-02-19 CVE-2020-3158 Use of Hard-coded Credentials vulnerability in Cisco Smart Software Manager On-Prem 7201910
A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account.
network
cisco CWE-798
8.8
8.8