Vulnerabilities > Cisco > Transport Gateway Installation Software
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-08-22 | CVE-2016-6359 | Cross-site Scripting vulnerability in Cisco Transport Gateway Installation Software 4.1(4.0) Cross-site scripting (XSS) vulnerability in Cisco Transport Gateway Installation Software 4.1(4.0) on Smart Call Home Transport Gateway devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug IDs CSCva40650 and CSCva40817. | 4.3 |
2014-08-29 | CVE-2014-3346 | Improper Input Validation vulnerability in Cisco Transport Gateway Installation Software 4.0 The web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) does not validate an unspecified parameter, which allows remote authenticated users to cause a denial of service (service crash) via a crafted string, aka Bug ID CSCuq31819. | 6.3 |
2014-08-28 | CVE-2014-3345 | Permissions, Privileges, and Access Controls vulnerability in Cisco Transport Gateway Installation Software 4.0 The web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 does not properly check authorization for administrative web pages, which allows remote attackers to modify the product via a crafted URL, aka Bug ID CSCuq31503. | 5.0 |
2014-08-28 | CVE-2014-3344 | Cross-Site Scripting vulnerability in Cisco Transport Gateway Installation Software 4.0 Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq31129, CSCuq31134, CSCuq31137, and CSCuq31563. | 4.3 |