cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-20626,https://securityvulnerability.io/vulnerability/CVE-2022-20626,Cisco Prime Access Registrar Appliance Vulnerability Could Lead to Cross-Site Scripting Attacks,"A vulnerability exists in the web-based management interface of the Cisco Prime Access Registrar Appliance that permits authenticated remote attackers to initiate cross-site scripting (XSS) attacks against users of the interface. This issue arises from inadequate validation of user-supplied input, enabling attackers to exploit the vulnerability by enticing users to click on a specially crafted link. If successfully exploited, this vulnerability could allow attackers to execute arbitrary script code within the context of the interface or gain access to sensitive information stored in the browser. Cisco has released software updates to mitigate this vulnerability; however, no workarounds are available.",Cisco,Cisco Prime Access Registrar,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-15T16:04:04.233Z,0
CVE-2021-34731,https://securityvulnerability.io/vulnerability/CVE-2021-34731,Cisco Prime Access Registrar Stored Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco Prime Access Registrar could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker would need valid administrative credentials. Cisco expects to release software updates that address this vulnerability.",Cisco,Cisco Prime Access Registrar,4.8,MEDIUM,0.0006600000197067857,false,,false,false,true,2024-08-04T02:15:21.000Z,,false,false,,2021-11-04T16:15:00.000Z,0
CVE-2018-0421,https://securityvulnerability.io/vulnerability/CVE-2018-0421,Cisco Prime Access Registrar Denial of Service Vulnerability,"A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specific listening ports. The improper handling of the TCP SYN packets could cause a system file description to be allocated and not freed. An attacker could exploit this vulnerability by sending a crafted stream of TCP SYN packets to the application. A successful exploit could allow the attacker to cause the application to eventually restart if a file description cannot be obtained.",Cisco,Cisco Prime Access Registrar,8.6,HIGH,0.0025100000202655792,false,,false,false,false,,,false,false,,2018-10-05T14:29:00.000Z,0