Vulnerabilities > Cisco > Smart Software Manager ON Prem > 7.202001

DATE CVE VULNERABILITY TITLE RISK
2023-05-18 CVE-2023-20110 SQL Injection vulnerability in Cisco Smart Software Manager On-Prem
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.
network
low complexity
cisco CWE-89
6.5
6.5
2021-10-06 CVE-2021-34766 Improper Privilege Management vulnerability in Cisco Smart Software Manager On-Prem
A vulnerability in the web UI of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges and create, read, update, or delete records and settings in multiple functions.
network
low complexity
cisco CWE-269
8.8
8.8
2020-06-18 CVE-2020-3245 Missing Authorization vulnerability in Cisco Smart Software Manager On-Prem
A vulnerability in the web application of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to create arbitrary user accounts.
network
low complexity
cisco CWE-862
5.3
5.3