Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-13 | CVE-2021-1310 | Open Redirect vulnerability in Cisco Webex Meetings A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page, bypassing the warning mechanism that should prompt the user before the redirection. | 4.7 |
| 2021-01-13 | CVE-2021-1307 | Out-of-bounds Write vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. | 7.2 |
| 2021-01-13 | CVE-2021-1267 | XML Entity Expansion vulnerability in Cisco Firepower Management Center A vulnerability in the dashboard widget of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 4.0 |
| 2021-01-13 | CVE-2021-1258 | Improper Privilege Management vulnerability in multiple products A vulnerability in the upgrade component of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker with low privileges to read arbitrary files on the underlying operating system (OS) of an affected device. | 5.5 |
| 2021-01-13 | CVE-2021-1246 | Cross-site Scripting vulnerability in Cisco Finesse Cisco Finesse, Cisco Virtualized Voice Browser, and Cisco Unified CVP OpenSocial Gadget Editor Unauthenticated Access Vulnerability A vulnerability in the web management interface of Cisco Finesse, Cisco Virtualized Voice Browser, and Cisco Unified CVP could allow an unauthenticated, remote attacker to access the OpenSocial Gadget Editor without providing valid user credentials. The vulnerability is due to missing authentication for a specific section of the web-based management interface. | 6.1 |
| 2021-01-13 | CVE-2021-1245 | Cross-site Scripting vulnerability in Cisco Finesse Cisco Finesse and Cisco Unified CVP OpenSocial Gadget Editor Cross-Site Scripting Vulnerability A vulnerability in the web-based management interface of Cisco Finesse and Cisco Unified CVP could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. | 6.1 |
| 2021-01-13 | CVE-2021-1242 | Unspecified vulnerability in Cisco Webex Teams A vulnerability in Cisco Webex Teams could allow an unauthenticated, remote attacker to manipulate file names within the messaging interface. | 4.3 |
| 2021-01-13 | CVE-2021-1240 | Uncontrolled Search Path Element vulnerability in Cisco Proximity A vulnerability in the loading process of specific DLLs in Cisco Proximity Desktop for Windows could allow an authenticated, local attacker to load a malicious library. | 7.3 |
| 2021-01-13 | CVE-2021-1239 | Cross-site Scripting vulnerability in Cisco Firepower Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected system. | 3.5 |
| 2021-01-13 | CVE-2021-1238 | Cross-site Scripting vulnerability in Cisco Firepower Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected system. | 3.5 |