Vulnerabilities > Cisco > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-05-06 CVE-2021-1497 OS Command Injection vulnerability in Cisco Hyperflex HX Data Platform
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
network
low complexity
cisco CWE-78
critical
9.8
2021-05-06 CVE-2021-1498 Command Injection vulnerability in Cisco Hyperflex HX Data Platform
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
network
low complexity
cisco CWE-77
critical
9.8
2021-04-08 CVE-2021-1479 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system.
network
low complexity
cisco CWE-119
critical
9.8
2021-04-08 CVE-2021-1473 OS Command Injection vulnerability in Cisco products
Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers.
network
low complexity
cisco CWE-78
critical
9.8
2021-04-08 CVE-2021-1472 Improper Authentication vulnerability in Cisco products
Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers.
network
low complexity
cisco CWE-287
critical
9.8
2021-04-08 CVE-2021-1459 Improper Input Validation vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.
network
low complexity
cisco CWE-20
critical
9.8
2021-03-24 CVE-2021-1411 Unspecified vulnerability in Cisco Jabber
Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition.
network
low complexity
cisco
critical
9.9
2021-03-24 CVE-2021-1451 Unspecified vulnerability in Cisco IOS XE
A vulnerability in the Easy Virtual Switching System (VSS) feature of Cisco IOS XE Software for Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying Linux operating system of an affected device.
network
low complexity
cisco
critical
9.8
2021-02-24 CVE-2021-1393 Unspecified vulnerability in Cisco products
Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes.
network
low complexity
cisco
critical
9.8
2021-02-24 CVE-2021-1388 Unspecified vulnerability in Cisco products
A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected device.
network
low complexity
cisco
critical
10.0