6.1
CVE-2024-20530 - Cisco Identity Services Engine Reflected Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attβ¦
5.5
CVE-2024-20529 - Cisco Identity Services Engine Arbitrary File Read and Delete Vulnerability
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an affected device. To exploit this vulnerability, the attacker would need valid Super Admin credentials. This vulnerability is due to insufficient validation of user-supplβ¦
3.8
CVE-2024-20528 - Cisco Identity Services Engine Path Traversal Vulnerability
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to upload files to arbitrary locations on the underlying operating system of an affected device. To exploit this vulnerability, an attacker would need valid Super Admin credentials. This vulnerability is dβ¦
5.5
CVE-2024-20527 - Cisco Identity Services Engine Arbitrary File Read and Delete Vulnerability
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an affected device. To exploit this vulnerability, the attacker would need valid Super Admin credentials. This vulnerability is due to insufficient validation of user-supplβ¦
6.1
CVE-2024-20525 - Cisco Identity Services Engine Reflected Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attβ¦
5.4
CVE-2024-20514 - Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scriptiβ¦
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnβ¦
6.1
CVE-2024-20511 - Cisco Unified Communications Manager Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a usβ¦
4.3
CVE-2024-20507 - Cisco Meeting Management Information Disclosure Vulnerability
A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of sensitive information within the web-based management interface oβ¦
5.4
CVE-2024-20504 - Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Sitβ¦
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.β¦
4.3
CVE-2024-20487 - Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabiliy
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of anβ¦