Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-11 | CVE-2020-24588 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. | 3.5 |
| 2021-05-11 | CVE-2020-26139 | Improper Authentication vulnerability in multiple products An issue was discovered in the kernel in NetBSD 7.1. | 5.3 |
| 2021-05-11 | CVE-2020-26140 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. | 6.5 |
| 2021-05-11 | CVE-2020-26141 | Improper Validation of Integrity Check Value vulnerability in multiple products An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. | 6.5 |
| 2021-05-06 | CVE-2021-1275 | Resource Exhaustion vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain unauthorized access to the application. | 7.5 |
| 2021-05-06 | CVE-2021-1284 | Unspecified vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in the web-based messaging service interface of Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to bypass authentication and authorization and modify the configuration of an affected system. low complexity cisco | 8.8 |
| 2021-05-06 | CVE-2021-1363 | Unspecified vulnerability in Cisco Unified Communications Manager IM and Presence Service Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 8.1 |
| 2021-05-06 | CVE-2021-1365 | SQL Injection vulnerability in Cisco Unified Communications Manager IM and Presence Service Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 8.1 |
| 2021-05-06 | CVE-2021-1397 | Unspecified vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. | 6.1 |
| 2021-05-06 | CVE-2021-1400 | Unspecified vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. | 8.8 |