Latest CVE Feed
-
6.1
MEDIUMCVE-2021-34772
A vulnerability in the web-based management interface of Cisco Orbital could allow an unauthenticated, remote attacker to redirect users to a malicious webpage. This vulnerability is due to improper validation of URL paths in the web-based management inte... Read more
Affected Products : orbital- EPSS Score: %0.18
- Published: Oct. 06, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-34771
A vulnerability in the Cisco IOS XR Software CLI could allow an authenticated, local attacker to view more information than their privileges allow. This vulnerability is due to insufficient application of restrictions during the execution of a specific co... Read more
Affected Products : ios_xr- EPSS Score: %0.12
- Published: Sep. 09, 2021
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-34770
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to execute arbitrary code w... Read more
- EPSS Score: %1.06
- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-34769
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial ... Read more
- EPSS Score: %0.21
- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-34768
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial ... Read more
- EPSS Score: %0.21
- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
7.4
HIGHCVE-2021-34767
A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a Layer 2 (L2) loop in a configured VLAN, resulting in a... Read more
- EPSS Score: %0.14
- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-34766
A vulnerability in the web UI of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges and create, read, update, or delete records and settings in multiple functions. This vulnerability is d... Read more
Affected Products : smart_software_manager_on-prem- EPSS Score: %0.11
- Published: Oct. 06, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-34765
A vulnerability in the web UI for Cisco Nexus Insights could allow an authenticated, remote attacker to view and download files related to the web application. The attacker requires valid device credentials. This vulnerability exists because proper role-b... Read more
Affected Products : nexus_insights- EPSS Score: %0.13
- Published: Sep. 02, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-34764
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerab... Read more
- EPSS Score: %0.32
- Published: Oct. 27, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-34763
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an attacker to execute a cross-site scripting (XSS) attack or an open redirect attack. For more information about these vulnerab... Read more
- EPSS Score: %0.29
- Published: Oct. 27, 2021
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2021-34762
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device ... Read more
- EPSS Score: %0.17
- Published: Oct. 27, 2021
- Modified: Nov. 21, 2024
-
6.6
MEDIUMCVE-2021-34761
A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. The attacker must have administrative credentials on the devic... Read more
- EPSS Score: %0.21
- Published: Oct. 27, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-34760
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is... Read more
Affected Products : telepresence_management_suite- EPSS Score: %0.17
- Published: Oct. 21, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-34759
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the inter... Read more
Affected Products : identity_services_engine- EPSS Score: %0.17
- Published: Sep. 02, 2021
- Modified: Nov. 21, 2024
-
4.4
MEDIUMCVE-2021-34758
A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory segment, resulting in a denial of service (DoS) condition... Read more
- EPSS Score: %0.05
- Published: Oct. 06, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-34757
Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vu... Read more
Affected Products : business_220-8t-e-2g_firmware business_220-8p-e-2g_firmware business_220-8fp-e-2g_firmware business_220-16t-2g_firmware business_220-16p-2g_firmware business_220-24t-4g_firmware business_220-24p-4g_firmware business_220-24fp-4g_firmware business_220-48t-4g_firmware business_220-48p-4g_firmware +22 more products- EPSS Score: %0.28
- Published: Oct. 06, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-34756
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section... Read more
- EPSS Score: %0.11
- Published: Oct. 27, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-34755
Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section... Read more
- EPSS Score: %0.09
- Published: Oct. 27, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-34748
A vulnerability in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to perform a command injection attack on an affected device. This vulnerability is due to insufficient input validati... Read more
Affected Products : intersight_virtual_appliance- EPSS Score: %1.73
- Published: Oct. 06, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-34746
A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as ... Read more
Affected Products : enterprise_nfv_infrastructure_software- EPSS Score: %2.69
- Published: Sep. 02, 2021
- Modified: Nov. 21, 2024