Latest CVE Feed
-
7.2
HIGHCVE-2021-1375
Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an authenticated, local attacker to either execute arbitrary code on the... Read more
Affected Products : ios_xe- Published: Mar. 24, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-1374
A vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software for the Catalyst 9000 Family of switches could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against another user o... Read more
Affected Products : ios_xe- Published: Mar. 24, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1373
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to ... Read more
Affected Products : ios_xe catalyst_9300 catalyst_9500 catalyst_9800-40 catalyst_9800-80 catalyst_9800-cl catalyst_9800-l catalyst_9400- Published: Mar. 24, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-1372
A vulnerability in Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. This vulnerability is due to the unsafe usage of share... Read more
- Published: Feb. 17, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-1371
A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using the console port when the device is in the default SD-WAN ... Read more
- Published: Mar. 24, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1370
A vulnerability in a CLI command of Cisco IOS XR Software for the Cisco 8000 Series Routers and Network Convergence System 540 Series Routers running NCS540L software images could allow an authenticated, local attacker to elevate their privilege to root. ... Read more
- Published: Feb. 04, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-1369
A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected device. This vulnerability is due to the impro... Read more
- Published: Apr. 29, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-1368
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (Do... Read more
Affected Products : nx-os firepower_extensible_operating_system unified_computing_system nexus_7000 nexus_5548p nexus_5548up nexus_5596up nexus_3048 nexus_5596t nexus_56128p +91 more products- Published: Feb. 24, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-1367
A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient inp... Read more
Affected Products : nx-os nexus_92300yc_switch nexus_92304qc_switch nexus_9236c_switch nexus_9272q_switch nexus_93108tc-ex_switch nexus_93108tc-fx-24 nexus_93120tx nexus_93128tx nexus_9316d-gx +33 more products- Published: Feb. 24, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1366
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Modul... Read more
Affected Products : anyconnect_secure_mobility_client- Published: Feb. 17, 2021
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2021-1365
Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. These vulnerabilities ar... Read more
Affected Products : unified_communications_manager_im_and_presence_service- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1364
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabil... Read more
Affected Products : unified_communications_manager_im_and_presence_service unified_communications_manager- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2021-1363
Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. These vulnerabilities ar... Read more
Affected Products : unified_communications_manager_im_and_presence_service- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1362
A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, and Cisco Prime Lice... Read more
- Published: Apr. 08, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-1361
A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote at... Read more
Affected Products : nx-os nexus_3000 nexus_3100 nexus_3100-z nexus_3100v nexus_3200 nexus_3400 nexus_3500 nexus_3600 nexus_9000v +39 more products- Published: Feb. 24, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1360
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. T... Read more
- Published: Jan. 13, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1359
A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient va... Read more
- Published: Jul. 08, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-1358
A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP req... Read more
- Published: May. 22, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1357
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabil... Read more
Affected Products : unified_communications_manager_im_and_presence_service unified_communications_manager- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
4.3
MEDIUMCVE-2021-1356
Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume vty line instances, resulting in a denial of service (D... Read more
Affected Products : ios_xe- Published: Mar. 24, 2021
- Modified: Nov. 21, 2024