Vulnerabilities > Cisco > WEB Security Virtual Appliance > 11.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-20 | CVE-2021-1271 | Unspecified vulnerability in Cisco web Security Virtual Appliance A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. | 4.8 |
| 2017-07-25 | CVE-2017-6748 | Injection vulnerability in Cisco products A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. | 6.7 |