Vulnerabilities > Cisco > Smart Software Manager ON Prem > 8.202004

DATE CVE VULNERABILITY TITLE RISK
2023-05-18 CVE-2023-20110 SQL Injection vulnerability in Cisco Smart Software Manager On-Prem
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.
network
low complexity
cisco CWE-89
6.5
6.5
2022-07-06 CVE-2022-20808 Resource Exhaustion vulnerability in Cisco Smart Software Manager On-Prem 8202004/8202108
A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-400
6.5
6.5
2021-10-06 CVE-2021-34766 Improper Privilege Management vulnerability in Cisco Smart Software Manager On-Prem
A vulnerability in the web UI of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges and create, read, update, or delete records and settings in multiple functions.
network
low complexity
cisco CWE-269
8.8
8.8
2020-08-26 CVE-2020-3443 Missing Authorization vulnerability in Cisco Smart Software Manager On-Prem 8202004
A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges and execute commands with higher privileges.
network
low complexity
cisco CWE-862
8.8
8.8