Latest CVE Feed
-
7.7
HIGHCVE-2021-1623
A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco cBR-8 Converged Broadband Routers could allow an authenticated, remote attacker to overload a device punt path, resulting in a denial of service (DoS) conditi... Read more
- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1622
A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. T... Read more
Affected Products : ios_xe 7600_router asr_901-12c-f-d asr_901-12c-ft-d asr_901-4c-f-d asr_901-4c-ft-d asr_901-6cz-f-a asr_901-6cz-f-d asr_901-6cz-fs-a asr_901-6cz-fs-d +3 more products- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
7.4
HIGHCVE-2021-1621
A vulnerability in the Layer 2 punt code of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a queue wedge on an interface that receives specific Layer 2 frames, resulting in a denial of service (DoS) condition. This vulner... Read more
Affected Products : ios_xe asr_1001 asr_1002 asr_1002-x asr_1004 asr_1006 asr_1013 1100-4g\/6g_integrated_services_router 1100-4p_integrated_services_router 1100-8p_integrated_services_router +35 more products- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-1619
A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, ... Read more
Affected Products : ios_xe ios_xe_sd-wan ios_xe_sd-wan_16.10.1_when_installed_on_1000_series_integrated_services ios_xe_sd-wan_16.10.1_when_installed_on_4000_series_integrated_services ios_xe_sd-wan_16.10.1_when_installed_on_asr_1000_series_aggregation_services ios_xe_sd-wan_16.10.1_when_installed_on_integrated_services_virtual ios_xe_sd-wan_16.10.2_when_installed_on_1000_series_integrated_services ios_xe_sd-wan_16.10.2_when_installed_on_4000_series_integrated_services ios_xe_sd-wan_16.10.2_when_installed_on_asr_1000_series_aggregation_services ios_xe_sd-wan_16.10.2_when_installed_on_integrated_services_virtual +136 more products- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1618
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due... Read more
Affected Products : intersight_virtual_appliance- Published: Jul. 22, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1617
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due... Read more
Affected Products : intersight_virtual_appliance- Published: Jul. 22, 2021
- Modified: Nov. 21, 2024
-
4.7
MEDIUMCVE-2021-1616
A vulnerability in the H.323 application level gateway (ALG) used by the Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass the ALG. This vulnerability is due to insufficient data v... Read more
Affected Products : ios_xe- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1615
A vulnerability in the packet processing functionality of Cisco Embedded Wireless Controller (EWC) Software for Catalyst Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected AP. Th... Read more
- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2021-1614
A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to gain access to information stored in MPLS buffer memory. This vulnerability is due to insuffic... Read more
- Published: Jul. 22, 2021
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2021-1612
A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file system. An attacker... Read more
Affected Products : sd-wan- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1611
A vulnerability in Ethernet over GRE (EoGRE) packet processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9800 Family Wireless Controller, Embedded Wireless Controller, and Embedded Wireless on Catalyst 9000 Series Switches could ... Read more
- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-1610
Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an attacker to do the following: Execute arbitrary code Cause a denial of service (DoS) co... Read more
- Published: Aug. 04, 2021
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2021-1609
Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an attacker to do the following: Execute arbitrary code Cause a denial of service (DoS) co... Read more
- Published: Aug. 04, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-1607
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because ... Read more
Affected Products : identity_services_engine- Published: Jul. 08, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-1606
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because ... Read more
Affected Products : identity_services_engine- Published: Jul. 08, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-1605
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because ... Read more
Affected Products : identity_services_engine- Published: Jul. 08, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-1604
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because ... Read more
Affected Products : identity_services_engine- Published: Jul. 08, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-1603
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because ... Read more
Affected Products : identity_services_engine- Published: Jul. 08, 2021
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2021-1602
A vulnerability in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affec... Read more
- Published: Aug. 04, 2021
- Modified: Nov. 21, 2024
-
8.3
HIGHCVE-2021-1601
Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. These vulnerabilities are due to insufficient restrictions for IPv4 or IPv6 ... Read more
Affected Products : intersight_virtual_appliance- Published: Jul. 22, 2021
- Modified: Nov. 21, 2024