Latest CVE Feed
-
4.4
MEDIUMCVE-2021-1583
A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system.... Read more
Affected Products : nx-os nx-os nexus_9000 nexus_9000v nexus_92160yc-x nexus_92300yc nexus_92304qc nexus_92348gc-x nexus_9236c nexus_9272q +33 more products- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2021-1582
A vulnerability in the web UI of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. This vulnerability is due t... Read more
- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
9.1
CRITICALCVE-2021-1581
Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For more in... Read more
- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1580
Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For more in... Read more
- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1579
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker with Administrator read-only credential... Read more
- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1578
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker to elevate privileges to Administrator ... Read more
- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
9.1
CRITICALCVE-2021-1577
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an unauthenticated, remote attacker to read or write arbitrary files on a... Read more
- Published: Aug. 25, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-1576
Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforce... Read more
Affected Products : business_process_automation- Published: Jul. 08, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-1575
A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the ... Read more
Affected Products : virtualized_voice_browser- Published: Jul. 08, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1574
Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforce... Read more
Affected Products : business_process_automation- Published: Jul. 08, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1573
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulner... Read more
Affected Products : adaptive_security_appliance_software firepower_threat_defense adaptive_security_appliance- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1572
A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on a... Read more
- Published: Aug. 04, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-1571
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating syste... Read more
Affected Products : sf220-24p_firmware sf220-48_firmware sf220-48p_firmware sg220-26_firmware sg220-26p_firmware sg220-28mp_firmware sg220-50_firmware sg220-50p_firmware sf220-24_firmware sf220-24p +8 more products- Published: Jun. 16, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1570
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition. For more information about these vulner... Read more
Affected Products : jabber- Published: Jun. 16, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1569
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition. For more information about these vulner... Read more
Affected Products : jabber- Published: Jun. 16, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-1568
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to uncontrolled memory allocation. An attacke... Read more
Affected Products : anyconnect_secure_mobility_client- Published: Jun. 16, 2021
- Modified: Nov. 21, 2024
-
7.0
HIGHCVE-2021-1567
A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on t... Read more
Affected Products : anyconnect_secure_mobility_client- Published: Jun. 16, 2021
- Modified: Nov. 21, 2024
-
7.4
HIGHCVE-2021-1566
A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to intercept traffic ... Read more
- Published: Jun. 16, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1565
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial ... Read more
- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1564
Multiple vulnerabilities in the implementation of the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which cou... Read more
- Published: Jun. 04, 2021
- Modified: Nov. 21, 2024