Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-04 | CVE-2021-1517 | Protection Mechanism Failure vulnerability in Cisco Webex Meetings Server A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. | 4.3 |
| 2021-06-04 | CVE-2021-1525 | Open Redirect vulnerability in Cisco Webex Meetings Server A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file. | 6.1 |
| 2021-06-04 | CVE-2021-1526 | Out-of-bounds Write vulnerability in Cisco Webex Player 3.0/4.0 A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. | 7.8 |
| 2021-06-04 | CVE-2021-1527 | Out-of-bounds Write vulnerability in Cisco Webex Player 3.0/4.0 A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to cause the affected software to terminate or to gain access to memory state information that is related to the vulnerable application. | 6.1 |
| 2021-06-04 | CVE-2021-1528 | Execution with Unnecessary Privileges vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. | 7.8 |
| 2021-06-04 | CVE-2021-1536 | Uncontrolled Search Path Element vulnerability in Cisco products A vulnerability in Cisco Webex Meetings Desktop App for Windows, Cisco Webex Meetings Server, Cisco Webex Network Recording Player for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. | 7.8 |
| 2021-06-04 | CVE-2021-1537 | Insufficiently Protected Credentials vulnerability in Cisco Thousandeyes Recorder 1.0.3 A vulnerability in the installer software of Cisco ThousandEyes Recorder could allow an unauthenticated, local attacker to access sensitive information that is contained in the ThousandEyes Recorder installer software. | 5.5 |
| 2021-06-04 | CVE-2021-1538 | OS Command Injection vulnerability in Cisco Common Services Platform Collector A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to execute arbitrary code. | 7.2 |
| 2021-06-04 | CVE-2021-1539 | Incorrect Authorization vulnerability in Cisco Staros Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. | 8.8 |
| 2021-06-04 | CVE-2021-1540 | Incorrect Authorization vulnerability in Cisco Staros Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. | 7.2 |