Vulnerabilities > Cisco > Vision Dynamic Signage Director > 6.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-06 | CVE-2021-34742 | Cross-site Scripting vulnerability in Cisco Vision Dynamic Signage Director A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device. | 6.1 |
| 2020-10-08 | CVE-2020-3598 | Missing Authentication for Critical Function vulnerability in Cisco Vision Dynamic Signage Director A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to access confidential information or make configuration changes. | 6.5 |
| 2020-08-26 | CVE-2020-3491 | Cross-site Scripting vulnerability in Cisco Vision Dynamic Signage Director 6.2.0 A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device. | 4.8 |
| 2020-08-26 | CVE-2020-3490 | Path Traversal vulnerability in Cisco Vision Dynamic Signage Director 6.2.0 A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct directory traversal attacks and obtain read access to sensitive files on an affected system. | 4.9 |
| 2020-08-26 | CVE-2020-3485 | Incorrect Default Permissions vulnerability in Cisco Vision Dynamic Signage Director 6.2.0 A vulnerability in the role-based access control (RBAC) functionality of the web management software of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to perform. | 6.3 |
| 2020-08-26 | CVE-2020-3484 | Incorrect Default Permissions vulnerability in Cisco Vision Dynamic Signage Director 6.2(0) A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device. | 5.3 |
| 2020-07-16 | CVE-2020-3450 | SQL Injection vulnerability in Cisco Vision Dynamic Signage Director A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative credentials to conduct SQL injection attacks on an affected system. | 4.9 |