Latest CVE Feed
-
5.5
MEDIUMCVE-2021-1283
A vulnerability in the logging subsystem of Cisco Data Center Network Manager (DCNM) could allow an authenticated, local attacker to view sensitive information in a system log file that should be restricted. The vulnerability exists because sensitive info... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1282
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabil... Read more
Affected Products : unified_communications_manager_im_and_presence_service unified_communications_manager- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
6.9
MEDIUMCVE-2021-1281
A vulnerability in CLI management in Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system as the root user. This vulnerability is due to the way the software handles concurrent CLI sessions. A... Read more
Affected Products : ios_xe- Published: Mar. 24, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1280
A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection (AMP) for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerab... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1279
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advi... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1278
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advi... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-1277
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) could allow an attacker to spoof a trusted host or construct a man-in-the-middle attack to extract sensitive information or alter certain API requests. These vulnerabilities are due to i... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-1276
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) could allow an attacker to spoof a trusted host or construct a man-in-the-middle attack to extract sensitive information or alter certain API requests. These vulnerabilities are due to i... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-1275
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain una... Read more
- Published: May. 06, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1274
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advi... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1273
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advi... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-1272
A vulnerability in the session validation feature of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. This vuln... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-1271
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affecte... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1270
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulner... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1269
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulner... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
7.4
HIGHCVE-2021-1268
A vulnerability in the IPv6 protocol handling of the management interfaces of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause an IPv6 flood on the management interface network of an affected device. The vulnerability exist... Read more
- Published: Feb. 04, 2021
- Modified: Nov. 21, 2024
-
6.8
MEDIUMCVE-2021-1266
A vulnerability in the REST API of Cisco Managed Services Accelerator (MSX) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the way that the affected software lo... Read more
Affected Products : managed_services_accelerator- Published: Feb. 04, 2021
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2021-1263
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more in... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2021-1262
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more in... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2021-1261
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more in... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024