Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-22 | CVE-2021-1599 | Cross-site Scripting vulnerability in Cisco Unified Customer Voice Portal A vulnerability in the web-based management interface of Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user. | 5.4 |
| 2021-07-22 | CVE-2021-1600 | Unspecified vulnerability in Cisco Intersight Virtual Appliance 1.0(1) Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. low complexity cisco | 8.3 |
| 2021-07-22 | CVE-2021-1601 | Unspecified vulnerability in Cisco Intersight Virtual Appliance 1.0(1) Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. low complexity cisco | 8.3 |
| 2021-07-22 | CVE-2021-1614 | Unspecified vulnerability in Cisco Sd-Wan A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to gain access to information stored in MPLS buffer memory. | 5.3 |
| 2021-07-22 | CVE-2021-1617 | Path Traversal vulnerability in Cisco Intersight Virtual Appliance 1.0.9148/1.0.9150/1.0.9230 Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. | 6.5 |
| 2021-07-22 | CVE-2021-1618 | OS Command Injection vulnerability in Cisco Intersight Virtual Appliance 1.0.9148/1.0.9150/1.0.9230 Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. | 7.2 |
| 2021-07-22 | CVE-2021-34700 | Insufficiently Protected Credentials vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system. | 5.5 |
| 2021-07-16 | CVE-2021-1422 | Reachable Assertion vulnerability in Cisco products A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition. | 7.7 |
| 2021-07-08 | CVE-2021-1359 | Unspecified vulnerability in Cisco Asyncos and web Security Appliance A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. | 8.8 |
| 2021-07-08 | CVE-2021-1562 | Improper Input Validation vulnerability in Cisco Broadworks Application Server A vulnerability in the XSI-Actions interface of Cisco BroadWorks Application Server could allow an authenticated, remote attacker to access sensitive information on an affected system. | 4.3 |