5.3
CVE-2022-20633 - Cisco Enterprise Chat and Email Username Enumeration Vulnerability
A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to perform a username enumeration attack against an affected device. This vulnerability is due to differences in authentication responses that are sent back from the applicatioโฆ
6.1
CVE-2022-20632 - Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate useโฆ
5.8
CVE-2021-34753 - Cisco Firepower Threat Defense Ethernet Industrial Protocol Policy Bypass Vulnerabilities
A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. This vulnerability is due to incomplete processing during deep โฆ
6.7
CVE-2021-34752 - Cisco Firepower Threat Defense Command Injection Vulnerabilities
A vulnerability in the CLI of Cisco FTD Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands with root privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient validatioโฆ
4.3
CVE-2021-34751 - Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerability
A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to access sensitive configuration information. The attacker would require low privilege credentials on an affected device. Thiโฆ
4.3
CVE-2021-34750 - Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerability
A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center Software could allow an authenticated, remote attacker to access sensitive configuration information. The attacker would require low privilege credentials on an affected device. This vulnโฆ
8.2
CVE-2024-39726 - IBM Engineering Insights XML external entity injection
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
5.5
CVE-2022-20626 - Cisco Prime Access Registrar Appliance Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Prime Access Registrar Appliance could allow an authenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. The attacker would require valid credentials for the device. This vulnerabiliโฆ
6.1
CVE-2022-20631 - Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate useโฆ
6.1
CVE-2022-20654 - Cisco Webex Meetings Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the web-bโฆ