Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-04 | CVE-2021-1268 | Unspecified vulnerability in Cisco IOS XR A vulnerability in the IPv6 protocol handling of the management interfaces of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause an IPv6 flood on the management interface network of an affected device. low complexity cisco | 6.5 |
| 2021-02-04 | CVE-2021-1266 | Unspecified vulnerability in Cisco Managed Services Accelerator 3.7.0 A vulnerability in the REST API of Cisco Managed Services Accelerator (MSX) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
| 2021-02-04 | CVE-2021-1244 | Unspecified vulnerability in Cisco IOS XR Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on an affected device. | 6.7 |
| 2021-02-04 | CVE-2021-1243 | Unspecified vulnerability in Cisco IOS XR A vulnerability in the Local Packet Transport Services (LPTS) programming of the SNMP with the management plane protection feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to allow connections despite the management plane protection that is configured to deny access to the SNMP server of an affected device. | 7.5 |
| 2021-02-04 | CVE-2021-1221 | Injection vulnerability in Cisco Webex Meetings Server A vulnerability in the user interface of Cisco Webex Meetings and Cisco Webex Meetings Server Software could allow an authenticated, remote attacker to inject a hyperlink into a meeting invitation email. | 4.1 |
| 2021-02-04 | CVE-2021-1136 | Unspecified vulnerability in Cisco IOS XR Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on an affected device. | 6.7 |
| 2021-02-04 | CVE-2021-1128 | Unspecified vulnerability in Cisco IOS XR A vulnerability in the CLI parser of Cisco IOS XR Software could allow an authenticated, local attacker to view more information than their privileges allow. | 5.5 |
| 2021-01-30 | CVE-2020-14418 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM. | 7.0 |
| 2021-01-20 | CVE-2021-1250 | Cross-site Scripting vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or a reflected file download (RFD) attack against a user of the interface. | 5.4 |
| 2021-01-20 | CVE-2021-1249 | Unspecified vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or a reflected file download (RFD) attack against a user of the interface. | 5.4 |