Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-06 | CVE-2021-1519 | Unspecified vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. | 5.5 |
| 2021-05-06 | CVE-2021-1520 | Unspecified vulnerability in Cisco products A vulnerability in the internal message processing of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, local attacker to run arbitrary commands with root privileges on the underlying operating system (OS). | 6.7 |
| 2021-05-06 | CVE-2021-1521 | Unspecified vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause an affected IP camera to reload. low complexity cisco | 6.5 |
| 2021-05-06 | CVE-2021-1532 | Unspecified vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. | 6.5 |
| 2021-05-06 | CVE-2021-1535 | Unspecified vulnerability in Cisco Sd-Wan Vmanage A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. | 5.3 |
| 2021-04-29 | CVE-2021-1488 | OS Command Injection vulnerability in Cisco products A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject commands that could be executed with root privileges on the underlying operating system (OS). | 6.7 |
| 2021-04-29 | CVE-2021-1495 | Improper Handling of Exceptional Conditions vulnerability in multiple products Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. | 5.3 |
| 2021-04-29 | CVE-2021-1489 | Unspecified vulnerability in Cisco Firepower Device Manager A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. | 6.5 |
| 2021-04-29 | CVE-2021-1477 | Unspecified vulnerability in Cisco Secure Firewall Management Center A vulnerability in an access control mechanism of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to access services beyond the scope of their authorization. | 4.3 |
| 2021-04-29 | CVE-2021-1455 | Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 4.8 |