Cisco

Industrial Network Director

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-20039

  • EPSS 0.04%
  • Veröffentlicht 15.11.2024 16:15:25
  • Zuletzt bearbeitet 11.08.2025 17:33:59

A vulnerability in Cisco IND could allow an authenticated, local attacker to read application data. This vulnerability is due to insufficient default file permissions that are applied to the application data directory. An attacker could exploit th...

9.9

CVE-2023-20036

  • EPSS 10.2%
  • Veröffentlicht 15.11.2024 16:15:24
  • Zuletzt bearbeitet 11.08.2025 17:40:02

A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. This vulnerability is due to improper i...

5.4

CVE-2023-20037

  • EPSS 0.07%
  • Veröffentlicht 20.01.2023 07:15:15
  • Zuletzt bearbeitet 21.11.2024 07:40:24

A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. The vulnerability is due to improper validation of content submitted to the affected applicati...

8.8

CVE-2023-20038

  • EPSS 0.05%
  • Veröffentlicht 20.01.2023 07:15:15
  • Zuletzt bearbeitet 21.11.2024 07:40:24

A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key used to store both local data and credentials for accessing remote systems. This vulnerab...

6.8

CVE-2020-3567

  • EPSS 0.38%
  • Veröffentlicht 08.10.2020 05:15:15
  • Zuletzt bearbeitet 21.11.2024 05:31:19

A vulnerability in the management REST API of Cisco Industrial Network Director (IND) could allow an authenticated, remote attacker to cause the CPU utilization to increase to 100 percent, resulting in a denial of service (DoS) condition on an affect...

6.1

CVE-2019-15973

  • EPSS 0.23%
  • Veröffentlicht 26.11.2019 03:15:11
  • Zuletzt bearbeitet 21.11.2024 04:29:50

A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected application...

9.8

CVE-2019-1976

  • EPSS 0.47%
  • Veröffentlicht 05.09.2019 02:15:13
  • Zuletzt bearbeitet 21.11.2024 04:37:48

A vulnerability in the “plug-and-play” services component of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improp...

5.9

CVE-2019-1940

  • EPSS 0.11%
  • Veröffentlicht 17.07.2019 21:15:12
  • Zuletzt bearbeitet 21.11.2024 04:37:43

A vulnerability in the Web Services Management Agent (WSMA) feature of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate. The ...

9

CVE-2019-1861

  • EPSS 2.29%
  • Veröffentlicht 05.06.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:37:33

A vulnerability in the software update feature of Cisco Industrial Network Director could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper validation of files uploaded to the affected application...

8.8

CVE-2019-1881

  • EPSS 0.4%
  • Veröffentlicht 05.06.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:37:36

A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device...