Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-16 | CVE-2021-1566 | Improper Certificate Validation vulnerability in Cisco Asyncos and Email Security Appliance A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers. | 7.4 |
| 2021-06-16 | CVE-2021-1567 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. | 6.7 |
| 2021-06-16 | CVE-2021-1568 | Unspecified vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. | 5.5 |
| 2021-06-16 | CVE-2021-1569 | Improper Input Validation vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition. | 6.5 |
| 2021-06-16 | CVE-2021-1570 | Improper Input Validation vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition. | 6.5 |
| 2021-06-16 | CVE-2021-1571 | Cross-site Scripting vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting (XSS) attack Conduct an HTML injection attack For more information about these vulnerabilities, see the Details section of this advisory. | 6.1 |
| 2021-06-04 | CVE-2021-1502 | Unspecified vulnerability in Cisco products A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. | 7.8 |
| 2021-06-04 | CVE-2021-1503 | Out-of-bounds Write vulnerability in Cisco Webex Meetings Server and Webex Player A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. | 7.8 |
| 2021-06-04 | CVE-2021-1517 | Unspecified vulnerability in Cisco Webex Meetings Server A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. | 4.3 |
| 2021-06-04 | CVE-2021-1525 | Unspecified vulnerability in Cisco Webex Meetings Server A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file. | 6.1 |