Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-23 | CVE-2021-34724 | Unspecified vulnerability in Cisco IOS XE Sd-Wan A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. | 6.0 |
| 2021-09-23 | CVE-2021-34725 | OS Command Injection vulnerability in Cisco IOS XE Sd-Wan A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. | 6.7 |
| 2021-09-23 | CVE-2021-34726 | OS Command Injection vulnerability in Cisco Sd-Wan A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system of an affected device. | 6.7 |
| 2021-09-23 | CVE-2021-34729 | OS Command Injection vulnerability in Cisco IOS XE and IOS XE Sd-Wan A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. | 6.7 |
| 2021-09-09 | CVE-2021-34708 | Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XR Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. | 6.7 |
| 2021-09-09 | CVE-2021-34709 | Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XR Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. | 6.4 |
| 2021-09-09 | CVE-2021-34721 | OS Command Injection vulnerability in Cisco IOS XR Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. | 6.7 |
| 2021-09-09 | CVE-2021-34722 | OS Command Injection vulnerability in Cisco IOS XR Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. | 6.7 |
| 2021-09-09 | CVE-2021-34771 | Information Exposure vulnerability in Cisco IOS XR A vulnerability in the Cisco IOS XR Software CLI could allow an authenticated, local attacker to view more information than their privileges allow. | 5.5 |
| 2021-09-09 | CVE-2021-34786 | Improper Authentication vulnerability in Cisco Broadworks Commpilot Application Software Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system. | 4.9 |