Latest CVE Feed
-
6.5
MEDIUMCVE-2021-1532
A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. This vulnerab... Read more
- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1531
A vulnerability in the web UI of Cisco Modeling Labs could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the web application on the underlying operating system of an affected Cisco Modeling Labs server. This ... Read more
Affected Products : modeling_labs- Published: May. 22, 2021
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2021-1530
A vulnerability in the web-based management interface of Cisco BroadWorks Messaging Server Software could allow an authenticated, remote attacker to access sensitive information or cause a partial denial of service (DoS) condition on an affected system. T... Read more
- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1529
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could expl... Read more
Affected Products : ios_xe sd-wan catalyst_8500 catalyst_8510csr catalyst_8510msr catalyst_8540csr catalyst_8540msr ios_xe_sd-wan asr_1001 asr_1002 +48 more products- Published: Oct. 21, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1528
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged pro... Read more
- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-1527
A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to cause the affected software to terminate or to gain access to memory state information that is related to the vulnerable application. The vulnerability is due to insuff... Read more
- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1526
A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in Webex recording files that are in Webex Recording Format... Read more
- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-1525
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file. This vulnerability is due to improper validation of URL paths in the application interface. An a... Read more
- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1524
A vulnerability in the API of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because requests that are sent to the API are not properly valid... Read more
Affected Products : meeting_server- Published: Jun. 16, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1523
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to th... Read more
Affected Products : nx-os nx-os nexus_93120tx nexus_93128tx nexus_9332pq nexus_9372px nexus_9372px-e nexus_9372tx nexus_9372tx-e nexus_9396px +1 more products- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-1522
A vulnerability in the change password API of Cisco Connected Mobile Experiences (CMX) could allow an authenticated, remote attacker to alter their own password to a value that does not comply with the strong authentication requirements that are configure... Read more
Affected Products : connected_mobile_experiences- Published: Aug. 04, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1521
A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause an affected IP camera to reload. This vulnerability is due to missing checks when... Read more
Affected Products : video_surveillance_8400_firmware video_surveillance_8000p_firmware video_surveillance_8020_firmware video_surveillance_8030_firmware video_surveillance_8070_firmware video_surveillance_8620_firmware video_surveillance_8630_firmware video_surveillance_8930_firmware video_surveillance_8400 video_surveillance_8000p +6 more products- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-1520
A vulnerability in the internal message processing of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, local attacker to run arbitrary commands with root privileges on the underlying operating system (OS). ... Read more
- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-1519
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. The vulnerability is due to insufficient vali... Read more
Affected Products : anyconnect_secure_mobility_client- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1518
A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. This vulnerability is due to insuffic... Read more
- Published: Jul. 22, 2021
- Modified: Nov. 21, 2024
-
5.0
MEDIUMCVE-2021-1517
A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. This vulnerability is due to unsafe handling of shared content within th... Read more
- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1516
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attack... Read more
- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-1515
A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to gain access to sensitive information. This vulnerability is due to improper access controls on API endpoints when Cisco SD-WAN vManage Software is runnin... Read more
Affected Products : sd-wan_vmanage- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1514
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating system. This vulnerability is due to insufficient input ... Read more
- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1513
A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed ... Read more
- Published: May. 06, 2021
- Modified: Nov. 21, 2024