Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-06 | CVE-2021-1397 | Open Redirect vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. | 6.1 |
| 2021-05-06 | CVE-2021-1400 | Improper Privilege Management vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. | 8.8 |
| 2021-05-06 | CVE-2021-1401 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. | 7.2 |
| 2021-05-06 | CVE-2021-1421 | OS Command Injection vulnerability in Cisco Enterprise NFV Infrastructure Software A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to perform a command injection attack on an affected device. | 7.8 |
| 2021-05-06 | CVE-2021-1426 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. | 7.8 |
| 2021-05-06 | CVE-2021-1427 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. | 7.8 |
| 2021-05-06 | CVE-2021-1428 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. | 7.8 |
| 2021-05-06 | CVE-2021-1429 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. | 7.8 |
| 2021-05-06 | CVE-2021-1430 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. | 7.8 |
| 2021-05-06 | CVE-2021-1438 | Exposure of Resource to Wrong Sphere vulnerability in Cisco Wide Area Application Services A vulnerability in Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to gain access to sensitive information on an affected device. | 5.5 |