cisco-sa-cuc-xss-9TFuu5MS
Cisco PSIRTHIGH2024-01-24
Cisco Unity Connection Cross-Site Scripting Vulnerability
CVEs:CVE-2024-20305
Affected products
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-73608 | affected | Cisco | — | — |
Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity).
Cisco Unity Connection Cross-Site Scripting Vulnerability
CVEs:CVE-2024-20305
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-73608 | affected | Cisco | — | — |
Cisco Unified Communications Products Remote Code Execution Vulnerability
CVEs:CVE-2024-20253
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-189784 | affected | Cisco | — | — |
| CVRFPID-233658 | affected | Cisco | — | — |
| CVRFPID-244955 | affected | Cisco | — | — |
| CVRFPID-277610 | affected | Cisco | — | — |
| CVRFPID-73608 | affected | Cisco | — | — |
| CVRFPID-7500 | affected | Cisco | — | — |
| CVRFPID-88444 | affected | Cisco | — | — |
| CVRFPID-92631 | affected | Cisco | — | — |
Cisco Small Business Series Switches Stacked Reload ACL Bypass Vulnerability
CVEs:CVE-2024-20263
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-278027 | affected | Cisco | — | — |
Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability
CVEs:CVE-2024-20251
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-111903 | affected | Cisco | — | — |
Cisco BroadWorks Application Delivery Platform and Xtended Services Platform Stored Cross-Site Scripting Vulnerability
CVEs:CVE-2024-20270
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-282087 | affected | Cisco | — | — |
Cisco Unity Connection Unauthenticated Arbitrary File Upload Vulnerability
CVEs:CVE-2024-20272
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-73608 | affected | Cisco | — | — |
Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Vulnerabilities
CVEs:CVE-2023-20257CVE-2023-20258CVE-2023-20260CVE-2023-20271
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-190324 | affected | Cisco | — | — |
| CVRFPID-213688 | affected | Cisco | — | — |
Cisco WAP371 Wireless Access Point Command Injection Vulnerability
CVEs:CVE-2024-20287
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-280012 | affected | Cisco | — | — |
Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability
CVEs:CVE-2024-20277
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-282176 | affected | Cisco | — | — |
Cisco TelePresence Management Suite Cross-Site Scripting Vulnerabilities
CVEs:CVE-2023-20249CVE-2023-20248
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-191859 | affected | Cisco | — | — |
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.