Latest CVE Feed
-
5.8
MEDIUMCVE-2021-1591
A vulnerability in the EtherChannel port subscription logic of Cisco Nexus 9500 Series Switches could allow an unauthenticated, remote attacker to bypass access control list (ACL) rules that are configured on an affected device. This vulnerability is due ... Read more
Affected Products : nx-os nexus_9500_16-slot nexus_9500_4-slot nexus_9500_8-slot nexus_9504 nexus_9508 nexus_9516- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2021-1590
A vulnerability in the implementation of the system login block-for command for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a login process to unexpectedly restart, causing a denial of service (DoS) condition. This vulner... Read more
Affected Products : nx-os nexus_7000_10-slot nexus_7000_18-slot nexus_7000_9-slot nexus_3000 unified_computing_system nexus_5548p nexus_5548up nexus_5596up nexus_3048 +93 more products- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1589
A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain unauthorized access to user credentials. This vulnerability exists because access to API endpoints is not properly rest... Read more
- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1588
A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to i... Read more
Affected Products : nx-os nexus_7000_10-slot nexus_7000_18-slot nexus_7000_9-slot nexus_3000 nexus_3048 nexus_31108pc-v nexus_31108tc-v nexus_31128pq nexus_3132c-z +57 more products- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1587
A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnera... Read more
Affected Products : nx-os nexus_3000 nexus_3048 nexus_31108pc-v nexus_31108tc-v nexus_31128pq nexus_3132c-z nexus_3132q-v nexus_3132q-x\/3132q-xl nexus_3164q +53 more products- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1586
A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resultin... Read more
Affected Products : nx-os nx-os nexus_9000v nexus_92160yc-x nexus_92300yc nexus_92304qc nexus_92348gc-x nexus_9236c nexus_9272q nexus_93108tc-ex +32 more products- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2021-1585
A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher could allow an unauthenticated, remote attacker to execute arbitrary code on a user's operating system. This vulnerability is due to a lack of proper signature verification for ... Read more
- Published: Jul. 08, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-1584
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions du... Read more
Affected Products : nx-os nx-os nexus_9000 nexus_9000v nexus_92160yc-x nexus_92300yc nexus_92304qc nexus_92348gc-x nexus_9236c nexus_9272q +33 more products- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
4.4
MEDIUMCVE-2021-1583
A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system.... Read more
Affected Products : nx-os nx-os nexus_9000 nexus_9000v nexus_92160yc-x nexus_92300yc nexus_92304qc nexus_92348gc-x nexus_9236c nexus_9272q +33 more products- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2021-1582
A vulnerability in the web UI of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. This vulnerability is due t... Read more
- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
9.1
CRITICALCVE-2021-1581
Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For more in... Read more
- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1580
Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For more in... Read more
- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1579
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker with Administrator read-only credential... Read more
- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1578
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker to elevate privileges to Administrator ... Read more
- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
9.1
CRITICALCVE-2021-1577
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an unauthenticated, remote attacker to read or write arbitrary files on a... Read more
- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-1576
Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforce... Read more
Affected Products : business_process_automation- Published: Jul. 08, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-1575
A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the ... Read more
Affected Products : virtualized_voice_browser- Published: Jul. 08, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1574
Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforce... Read more
Affected Products : business_process_automation- Published: Jul. 08, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1573
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulner... Read more
Affected Products : adaptive_security_appliance_software firepower_threat_defense adaptive_security_appliance- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1572
A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on a... Read more
- Published: Aug. 04, 2021
- Modified: Nov. 21, 2024