Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-04 | CVE-2021-1528 | Execution with Unnecessary Privileges vulnerability in Cisco products A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. | 7.8 |
| 2021-06-04 | CVE-2021-1536 | Uncontrolled Search Path Element vulnerability in Cisco products A vulnerability in Cisco Webex Meetings Desktop App for Windows, Cisco Webex Meetings Server, Cisco Webex Network Recording Player for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. | 7.8 |
| 2021-06-04 | CVE-2021-1538 | OS Command Injection vulnerability in Cisco Common Services Platform Collector A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to execute arbitrary code. | 7.2 |
| 2021-06-04 | CVE-2021-1539 | Incorrect Authorization vulnerability in Cisco Staros Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. | 8.8 |
| 2021-06-04 | CVE-2021-1540 | Incorrect Authorization vulnerability in Cisco Staros Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. | 7.2 |
| 2021-05-22 | CVE-2021-1487 | OS Command Injection vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. | 8.8 |
| 2021-05-22 | CVE-2021-1531 | Argument Injection or Modification vulnerability in Cisco Modeling Labs A vulnerability in the web UI of Cisco Modeling Labs could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the web application on the underlying operating system of an affected Cisco Modeling Labs server. | 8.8 |
| 2021-05-22 | CVE-2021-1547 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. | 7.2 |
| 2021-05-22 | CVE-2021-1548 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. | 7.2 |
| 2021-05-22 | CVE-2021-1549 | Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. | 7.2 |