Cisco Web Security Virtual Appliance 11.0.0

CPE Details

Cisco Web Security Virtual Appliance 11.0.0
cisco
web_security_virtual_appliance
11.0.0
2017-07-28
16h25 +00:00
2021-04-01
15h46 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cisco:web_security_virtual_appliance:11.0.0:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

web_security_virtual_appliance

Version

11.0.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-1271 2021-01-20 19h57 +00:00 A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface.
4.8
Medium
CVE-2017-6748 2017-07-25 17h00 +00:00 A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88855. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270 10.1.1-234.
6.7
Medium