Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-20 | CVE-2021-1274 | NULL Pointer Dereference vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. | 8.6 |
| 2021-01-20 | CVE-2021-1273 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. | 8.6 |
| 2021-01-20 | CVE-2021-1272 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Data Center Network Manager A vulnerability in the session validation feature of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. | 8.8 |
| 2021-01-20 | CVE-2021-1271 | Cross-site Scripting vulnerability in Cisco web Security Virtual Appliance A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. | 4.8 |
| 2021-01-20 | CVE-2021-1270 | Incorrect Authorization vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. | 6.5 |
| 2021-01-20 | CVE-2021-1269 | Incorrect Authorization vulnerability in Cisco Data Center Network Manager Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. | 6.3 |
| 2021-01-20 | CVE-2021-1265 | Cleartext Storage of Sensitive Information vulnerability in Cisco DNA Center A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any privilege-level authenticated, remote attacker to obtain the full unmasked running configuration of managed devices. | 4.0 |
| 2021-01-20 | CVE-2021-1264 | OS Command Injection vulnerability in Cisco DNA Center A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. | 8.8 |
| 2021-01-20 | CVE-2021-1263 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. | 7.8 |
| 2021-01-20 | CVE-2021-1262 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. | 7.8 |