Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-04 | CVE-2021-34707 | Information Exposure vulnerability in Cisco Evolved Programmable Network Manager A vulnerability in the REST API of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to access sensitive data on an affected system. | 6.5 |
| 2021-07-22 | CVE-2021-33478 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. | 4.6 |
| 2021-07-22 | CVE-2021-1518 | Code Injection vulnerability in Cisco Firepower Device Manager On-Box A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. | 8.8 |
| 2021-07-22 | CVE-2021-1599 | Cross-site Scripting vulnerability in Cisco Unified Customer Voice Portal A vulnerability in the web-based management interface of Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user. | 5.4 |
| 2021-07-22 | CVE-2021-1600 | Unspecified vulnerability in Cisco Intersight Virtual Appliance 1.0(1) Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. low complexity cisco | 8.3 |
| 2021-07-22 | CVE-2021-1601 | Unspecified vulnerability in Cisco Intersight Virtual Appliance 1.0(1) Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. low complexity cisco | 8.3 |
| 2021-07-22 | CVE-2021-1614 | Unspecified vulnerability in Cisco Sd-Wan A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to gain access to information stored in MPLS buffer memory. | 5.3 |
| 2021-07-22 | CVE-2021-1617 | Path Traversal vulnerability in Cisco Intersight Virtual Appliance 1.0.9148/1.0.9150/1.0.9230 Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. | 6.5 |
| 2021-07-22 | CVE-2021-1618 | OS Command Injection vulnerability in Cisco Intersight Virtual Appliance 1.0.9148/1.0.9150/1.0.9230 Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. | 7.2 |
| 2021-07-22 | CVE-2021-34700 | Insufficiently Protected Credentials vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system. | 5.5 |