Cisco Vision Dynamic Signage Director
Recent Cisco Vision Dynamic Signage Director Security Advisories
| Advisory | Title | Published |
|---|---|---|
| 2021-10-06 | Cisco Vision Dynamic Signage Director Reflected Cross-Site Scripting Vulnerability | October 6, 2021 |
By the Year
In 2024 there have been 0 vulnerabilities in Cisco Vision Dynamic Signage Director . Vision Dynamic Signage Director did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 6.10 |
| 2020 | 2 | 5.70 |
| 2019 | 1 | 9.80 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Vision Dynamic Signage Director vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Cisco Vision Dynamic Signage Director Security Vulnerabilities
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could
CVE-2021-34742
6.1 - Medium
- October 06, 2021
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
XSS
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could
CVE-2020-3598
6.5 - Medium
- October 08, 2020
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to access confidential information or make configuration changes. The vulnerability is due to missing authentication for a specific section of the web-based management interface. An attacker could exploit this vulnerability by accessing a crafted URL. A successful exploit could allow the attacker to obtain access to a section of the interface, which they could use to read confidential information or make configuration changes.
Missing Authentication for Critical Function
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could
CVE-2020-3450
4.9 - Medium
- July 16, 2020
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative credentials to conduct SQL injection attacks on an affected system. The vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the web-based management interface and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain data that is stored in the underlying database, including hashed user credentials. To exploit this vulnerability, an attacker would need valid administrative credentials.
SQL Injection
A vulnerability in the REST API interface of Cisco Vision Dynamic Signage Director could
CVE-2019-1917
9.8 - Critical
- July 17, 2019
A vulnerability in the REST API interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary actions through the REST API with administrative privileges on the affected system. The REST API is enabled by default and cannot be disabled.
authentification
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Cisco Vision Dynamic Signage Director or by Cisco? Click the Watch button to subscribe.
