Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-20 | CVE-2021-1299 | Improper Input Validation vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. | 8.8 |
| 2021-01-20 | CVE-2021-1298 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. | 8.8 |
| 2021-01-20 | CVE-2021-1286 | Improper Input Validation vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or a reflected file download (RFD) attack against a user of the interface. | 6.1 |
| 2021-01-20 | CVE-2021-1283 | Uncontrolled Memory Allocation vulnerability in Cisco Data Center Network Manager A vulnerability in the logging subsystem of Cisco Data Center Network Manager (DCNM) could allow an authenticated, local attacker to view sensitive information in a system log file that should be restricted. | 5.5 |
| 2021-01-20 | CVE-2021-1282 | SQL Injection vulnerability in Cisco products Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. | 4.9 |
| 2021-01-20 | CVE-2021-1280 | Uncontrolled Search Path Element vulnerability in Cisco Advanced Malware Protection for Endpoints and Immunet A vulnerability in the loading mechanism of specific DLLs of Cisco Advanced Malware Protection (AMP) for Endpoints for Windows and Immunet for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. | 7.3 |
| 2021-01-20 | CVE-2021-1279 | Improper Input Validation vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. | 8.6 |
| 2021-01-20 | CVE-2021-1278 | Link Following vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. | 7.5 |
| 2021-01-20 | CVE-2021-1277 | Improper Certificate Validation vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) could allow an attacker to spoof a trusted host or construct a man-in-the-middle attack to extract sensitive information or alter certain API requests. | 6.5 |
| 2021-01-20 | CVE-2021-1276 | Improper Certificate Validation vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) could allow an attacker to spoof a trusted host or construct a man-in-the-middle attack to extract sensitive information or alter certain API requests. | 6.5 |