Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-06 | CVE-2021-1363 | SQL Injection vulnerability in Cisco Unified Communications Manager IM and Presence Service Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 8.1 |
| 2021-05-06 | CVE-2021-1365 | SQL Injection vulnerability in Cisco Unified Communications Manager IM and Presence Service Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 8.1 |
| 2021-05-06 | CVE-2021-1400 | Improper Privilege Management vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. | 8.8 |
| 2021-05-06 | CVE-2021-1401 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain sensitive information from or inject arbitrary commands on an affected device. | 7.2 |
| 2021-05-06 | CVE-2021-1421 | OS Command Injection vulnerability in Cisco Enterprise NFV Infrastructure Software A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to perform a command injection attack on an affected device. | 7.8 |
| 2021-05-06 | CVE-2021-1426 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. | 7.8 |
| 2021-05-06 | CVE-2021-1427 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. | 7.8 |
| 2021-05-06 | CVE-2021-1428 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. | 7.8 |
| 2021-05-06 | CVE-2021-1429 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. | 7.8 |
| 2021-05-06 | CVE-2021-1430 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. | 7.8 |