Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-29 | CVE-2021-1369 | XXE vulnerability in Cisco Firepower Device Manager A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected device. | 5.4 |
| 2021-04-29 | CVE-2021-1256 | Files or Directories Accessible to External Parties vulnerability in Cisco Firepower Threat Defense A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. | 6.0 |
| 2021-04-08 | CVE-2021-1485 | Argument Injection or Modification vulnerability in Cisco IOS XR A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges on the underlying Linux operating system (OS) of an affected device. | 7.8 |
| 2021-04-08 | CVE-2021-1480 | Improper Input Validation vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system. | 7.8 |
| 2021-04-08 | CVE-2021-1479 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system. | 9.8 |
| 2021-04-08 | CVE-2021-1475 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Cisco Umbrella Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection attacks on an affected device. | 4.1 |
| 2021-04-08 | CVE-2021-1474 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Cisco Umbrella Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection attacks on an affected device. | 8.6 |
| 2021-04-08 | CVE-2021-1473 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. | 9.8 |
| 2021-04-08 | CVE-2021-1472 | Improper Authentication vulnerability in Cisco products Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. | 9.8 |
| 2021-04-08 | CVE-2021-1467 | Unspecified vulnerability in Cisco Webex Meetings A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker to modify the avatar of another user. | 4.3 |