Latest CVE Feed
-
5.5
MEDIUMCVE-2021-1544
A vulnerability in logging mechanisms of Cisco Webex Meetings client software could allow an authenticated, local attacker to gain access to sensitive information. This vulnerability is due to unsafe logging of application actions. An attacker could explo... Read more
Affected Products : webex_meetings- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-1543
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating syste... Read more
Affected Products : sf220-24p_firmware sf220-48_firmware sf220-48p_firmware sg220-26_firmware sg220-26p_firmware sg220-28mp_firmware sg220-50_firmware sg220-50p_firmware sf220-24_firmware sf220-24p +8 more products- Published: Jun. 16, 2021
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2021-1542
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating syste... Read more
Affected Products : sf220-24p_firmware sf220-48_firmware sf220-48p_firmware sg220-26_firmware sg220-26p_firmware sg220-28mp_firmware sg220-50_firmware sg220-50p_firmware sf220-24_firmware sf220-24p +8 more products- Published: Jun. 16, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1541
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating syste... Read more
Affected Products : sf220-24p_firmware sf220-48_firmware sf220-48p_firmware sg220-26_firmware sg220-26p_firmware sg220-28mp_firmware sg220-50_firmware sg220-50p_firmware sf220-24_firmware sf220-24p +8 more products- Published: Jun. 16, 2021
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2021-1540
Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about t... Read more
- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-1539
Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about t... Read more
- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1538
A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to execute arbitrary code. This vulnerability is due to insufficient sanitization of configuration entries. An ... Read more
Affected Products : common_services_platform_collector- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
6.2
MEDIUMCVE-2021-1537
A vulnerability in the installer software of Cisco ThousandEyes Recorder could allow an unauthenticated, local attacker to access sensitive information that is contained in the ThousandEyes Recorder installer software. This vulnerability exists because se... Read more
- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1536
A vulnerability in Cisco Webex Meetings Desktop App for Windows, Cisco Webex Meetings Server, Cisco Webex Network Recording Player for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL injection attac... Read more
- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2021-1535
A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the Cisco SD-WAN vManage Softwa... Read more
Affected Products : sd-wan_vmanage- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
5.8
MEDIUMCVE-2021-1534
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due ... Read more
- Published: Oct. 06, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1532
A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. This vulnerab... Read more
- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1531
A vulnerability in the web UI of Cisco Modeling Labs could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the web application on the underlying operating system of an affected Cisco Modeling Labs server. This ... Read more
Affected Products : modeling_labs- Published: May. 22, 2021
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2021-1530
A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial denial of service (DoS) condition on an affected system. T... Read more
- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1529
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could expl... Read more
Affected Products : ios_xe sd-wan catalyst_8500 catalyst_8510csr catalyst_8510msr catalyst_8540csr catalyst_8540msr ios_xe_sd-wan asr_1001 asr_1002 +48 more products- Published: Oct. 21, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1528
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged pro... Read more
- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-1527
A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to cause the affected software to terminate or to gain access to memory state information that is related to the vulnerable application. The vulnerability is due to insuff... Read more
- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1526
A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in Webex recording files that are in Webex Recording Format... Read more
- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-1525
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file. This vulnerability is due to improper validation of URL paths in the application interface. An a... Read more
- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1524
A vulnerability in the API of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because requests that are sent to the API are not properly valid... Read more
Affected Products : meeting_server- Published: Jun. 16, 2021
- Modified: Nov. 21, 2024