Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-25 | CVE-2021-1577 | Unspecified vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an unauthenticated, remote attacker to read or write arbitrary files on an affected system. | 9.1 |
| 2021-08-25 | CVE-2021-1578 | Improper Handling of Exceptional Conditions vulnerability in Cisco products A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected device. | 8.8 |
| 2021-08-25 | CVE-2021-1579 | Improper Privilege Management vulnerability in Cisco products A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker with Administrator read-only credentials to elevate privileges on an affected system. | 8.8 |
| 2021-08-25 | CVE-2021-1580 | Command Injection vulnerability in Cisco Application Policy Infrastructure Controller Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. | 7.2 |
| 2021-08-25 | CVE-2021-1581 | Unspecified vulnerability in Cisco products Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. | 9.1 |
| 2021-08-25 | CVE-2021-1582 | Cross-site Scripting vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in the web UI of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. | 5.4 |
| 2021-08-25 | CVE-2021-1583 | Unspecified vulnerability in Cisco Nx-Os 14.2(7F) A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system. | 4.4 |
| 2021-08-25 | CVE-2021-1584 | OS Command Injection vulnerability in Cisco Nx-Os 14.2(7F) A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
| 2021-08-25 | CVE-2021-1586 | Insufficient Verification of Data Authenticity vulnerability in Cisco Nx-Os 15.0(2E)/15.1(1H) A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition. | 8.6 |
| 2021-08-25 | CVE-2021-1587 | Interpretation Conflict vulnerability in Cisco Nx-Os A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software, known as NGOAM, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |