Cisco Cisco Industrial Network Director
13 CVEs affecting Cisco Cisco Industrial Network Director. Latest disclosed: 2024-11-15. Critical: 2, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-20036 | Critical | 9.9 | 2024-11-15 | A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the un… |
CVE-2019-1976 | Critical | 9.8 | 2019-09-05 | A vulnerability in the “plug-and-play” services component of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacke… |
CVE-2023-20038 | High | 8.8 | 2023-01-20 | A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key u… |
CVE-2018-0446 | High | 8.8 | 2018-10-05 | A vulnerability in the web-based management interface of Cisco Industrial Network Director could allow an unauthenticated, remote attacker to conduct a cross-s… |
CVE-2019-1861 | High | 7.2 | 2019-06-05 | A vulnerability in the software update feature of Cisco Industrial Network Director could allow an authenticated, remote attacker to execute arbitrary code. Th… |
CVE-2020-3567 | Medium | 6.5 | 2020-10-08 | A vulnerability in the management REST API of Cisco Industrial Network Director (IND) could allow an authenticated, remote attacker to cause the CPU utilizatio… |
CVE-2019-15973 | Medium | 6.1 | 2019-11-26 | A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a c… |
CVE-2019-1940 | Medium | 5.9 | 2019-07-17 | A vulnerability in the Web Services Management Agent (WSMA) feature of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker… |
CVE-2023-20039 | Medium | 5.5 | 2024-11-15 | A vulnerability in Cisco IND could allow an authenticated, local attacker to read application data. This vulnerability is due to insufficient default file p… |
CVE-2023-20037 | Medium | 5.4 | 2023-01-20 | A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. The… |
CVE-2019-1882 | Medium | 5.4 | 2019-06-05 | A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. The vu… |
CVE-2019-1881 | Medium | 4.7 | 2019-06-05 | A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a c… |
CVE-2018-15392 | Medium | 4.3 | 2018-10-05 | A vulnerability in the DHCP service of Cisco Industrial Network Director could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) c… |