Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-30 | CVE-2020-14418 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM. | 7.0 |
| 2021-01-20 | CVE-2021-1250 | Cross-site Scripting vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or a reflected file download (RFD) attack against a user of the interface. | 5.4 |
| 2021-01-20 | CVE-2021-1249 | Unspecified vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or a reflected file download (RFD) attack against a user of the interface. | 5.4 |
| 2021-01-20 | CVE-2021-1248 | Unspecified vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. | 7.2 |
| 2021-01-20 | CVE-2021-1247 | Unspecified vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. | 8.8 |
| 2021-01-20 | CVE-2021-1241 | Unspecified vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. | 7.5 |
| 2021-01-20 | CVE-2021-1235 | Unspecified vulnerability in Cisco Sd-Wan Vmanage A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read sensitive database files on an affected system. | 5.5 |
| 2021-01-20 | CVE-2021-1233 | Unspecified vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information on an affected device. | 4.4 |
| 2021-01-20 | CVE-2021-1225 | Unspecified vulnerability in Cisco Sd-Wan Vmanage Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct SQL injection attacks on an affected system. | 9.1 |
| 2021-01-20 | CVE-2021-1222 | Unspecified vulnerability in Cisco Smart Software Manager On-Prem 5.0/5.1.0 A vulnerability in the web-based management interface of Cisco Smart Software Manager Satellite could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 8.1 |