Cisco

Industrial Network Director

12 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-20039

  • EPSS 0.04%
  • Published 15.11.2024 16:15:25
  • Last modified 11.08.2025 17:33:59

A vulnerability in Cisco IND could allow an authenticated, local attacker to read application data. This vulnerability is due to insufficient default file permissions that are applied to the application data directory. An attacker could exploit th...

9.9

CVE-2023-20036

  • EPSS 10.2%
  • Published 15.11.2024 16:15:24
  • Last modified 11.08.2025 17:40:02

A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. This vulnerability is due to improper i...

5.4

CVE-2023-20037

  • EPSS 0.07%
  • Published 20.01.2023 07:15:15
  • Last modified 21.11.2024 07:40:24

A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. The vulnerability is due to improper validation of content submitted to the affected applicati...

8.8

CVE-2023-20038

  • EPSS 0.05%
  • Published 20.01.2023 07:15:15
  • Last modified 21.11.2024 07:40:24

A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key used to store both local data and credentials for accessing remote systems. This vulnerab...

6.8

CVE-2020-3567

  • EPSS 0.38%
  • Published 08.10.2020 05:15:15
  • Last modified 21.11.2024 05:31:19

A vulnerability in the management REST API of Cisco Industrial Network Director (IND) could allow an authenticated, remote attacker to cause the CPU utilization to increase to 100 percent, resulting in a denial of service (DoS) condition on an affect...

6.1

CVE-2019-15973

  • EPSS 0.23%
  • Published 26.11.2019 03:15:11
  • Last modified 21.11.2024 04:29:50

A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected application...

9.8

CVE-2019-1976

  • EPSS 0.47%
  • Published 05.09.2019 02:15:13
  • Last modified 21.11.2024 04:37:48

A vulnerability in the “plug-and-play” services component of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improp...

5.9

CVE-2019-1940

  • EPSS 0.11%
  • Published 17.07.2019 21:15:12
  • Last modified 21.11.2024 04:37:43

A vulnerability in the Web Services Management Agent (WSMA) feature of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate. The ...

9

CVE-2019-1861

  • EPSS 2.29%
  • Published 05.06.2019 17:29:00
  • Last modified 21.11.2024 04:37:33

A vulnerability in the software update feature of Cisco Industrial Network Director could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper validation of files uploaded to the affected application...

8.8

CVE-2019-1881

  • EPSS 0.4%
  • Published 05.06.2019 17:29:00
  • Last modified 21.11.2024 04:37:36

A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device...