Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-23 | CVE-2021-34705 | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. | 5.3 |
| 2021-09-23 | CVE-2021-34712 | Unspecified vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected system. | 6.5 |
| 2021-09-23 | CVE-2021-34714 | Improper Input Validation vulnerability in Cisco products A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. | 7.4 |
| 2021-09-23 | CVE-2021-34723 | Exposure of Resource to Wrong Sphere vulnerability in Cisco IOS XE 17.3.1A A vulnerability in a specific CLI command that is run on Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the configuration database of an affected device. | 6.7 |
| 2021-09-23 | CVE-2021-34724 | Unspecified vulnerability in Cisco IOS XE Sd-Wan A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. | 6.0 |
| 2021-09-23 | CVE-2021-34725 | OS Command Injection vulnerability in Cisco IOS XE Sd-Wan A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. | 6.7 |
| 2021-09-23 | CVE-2021-34726 | OS Command Injection vulnerability in Cisco Sd-Wan A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system of an affected device. | 6.7 |
| 2021-09-23 | CVE-2021-34727 | Classic Buffer Overflow vulnerability in Cisco IOS XE Sd-Wan A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. | 9.8 |
| 2021-09-23 | CVE-2021-34729 | OS Command Injection vulnerability in Cisco IOS XE and IOS XE Sd-Wan A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. | 6.7 |
| 2021-09-23 | CVE-2021-34740 | Memory Leak vulnerability in Cisco Aironet Access Point Software 17.2/17.3 A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. | 7.4 |