Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-04 | CVE-2021-1527 | Out-of-bounds Write vulnerability in Cisco Webex Player 3.0/4.0 A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to cause the affected software to terminate or to gain access to memory state information that is related to the vulnerable application. | 6.1 |
| 2021-06-04 | CVE-2021-1537 | Insufficiently Protected Credentials vulnerability in Cisco Thousandeyes Recorder 1.0.3 A vulnerability in the installer software of Cisco ThousandEyes Recorder could allow an unauthenticated, local attacker to access sensitive information that is contained in the ThousandEyes Recorder installer software. | 5.5 |
| 2021-06-04 | CVE-2021-1544 | Exposure of System Data to an Unauthorized Control Sphere vulnerability in Cisco Webex Meetings A vulnerability in logging mechanisms of Cisco Webex Meetings client software could allow an authenticated, local attacker to gain access to sensitive information. | 5.5 |
| 2021-06-04 | CVE-2021-1563 | Memory Leak vulnerability in Cisco products Multiple vulnerabilities in the implementation of the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device. | 6.5 |
| 2021-06-04 | CVE-2021-1564 | Memory Leak vulnerability in Cisco products Multiple vulnerabilities in the implementation of the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device. | 6.5 |
| 2021-05-22 | CVE-2021-1254 | Cross-site Scripting vulnerability in Cisco Finesse Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 4.8 |
| 2021-05-22 | CVE-2021-1358 | Open Redirect vulnerability in Cisco Finesse A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. | 6.1 |
| 2021-05-22 | CVE-2021-1557 | OS Command Injection vulnerability in Cisco DNA Spaces: Connector Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. | 6.7 |
| 2021-05-22 | CVE-2021-1558 | OS Command Injection vulnerability in Cisco DNA Spaces: Connector Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. | 6.7 |
| 2021-05-11 | CVE-2020-26139 | Improper Authentication vulnerability in multiple products An issue was discovered in the kernel in NetBSD 7.1. | 5.3 |