Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-04 | CVE-2021-1289 | External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. | 9.8 |
| 2021-02-04 | CVE-2021-1288 | Unspecified vulnerability in Cisco IOS XR Multiple vulnerabilities in the ingress packet processing function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2021-02-04 | CVE-2021-1268 | Insufficient Adherence to Expected Conventions vulnerability in Cisco IOS XR A vulnerability in the IPv6 protocol handling of the management interfaces of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause an IPv6 flood on the management interface network of an affected device. | 6.5 |
| 2021-02-04 | CVE-2021-1266 | Resource Exhaustion vulnerability in Cisco Managed Services Accelerator 3.7.0 A vulnerability in the REST API of Cisco Managed Services Accelerator (MSX) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
| 2021-02-04 | CVE-2021-1244 | Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XR Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on an affected device. | 6.7 |
| 2021-02-04 | CVE-2021-1243 | Unspecified vulnerability in Cisco IOS XR A vulnerability in the Local Packet Transport Services (LPTS) programming of the SNMP with the management plane protection feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to allow connections despite the management plane protection that is configured to deny access to the SNMP server of an affected device. | 7.5 |
| 2021-02-04 | CVE-2021-1221 | Injection vulnerability in Cisco Webex Meetings Server A vulnerability in the user interface of Cisco Webex Meetings and Cisco Webex Meetings Server Software could allow an authenticated, remote attacker to inject a hyperlink into a meeting invitation email. | 4.1 |
| 2021-02-04 | CVE-2021-1136 | Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XR Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on an affected device. | 6.7 |
| 2021-02-04 | CVE-2021-1128 | Information Exposure Through Sent Data vulnerability in Cisco IOS XR A vulnerability in the CLI parser of Cisco IOS XR Software could allow an authenticated, local attacker to view more information than their privileges allow. | 5.5 |
| 2021-01-30 | CVE-2020-14418 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM. | 6.9 |