Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-24 | CVE-2021-1377 | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from resolving ARP entries for legitimate hosts on the connected subnets. | 5.8 |
| 2021-02-24 | CVE-2021-1450 | Improper Input Validation vulnerability in Cisco Anyconnect Secure Mobility Client 4.9(5086) A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. | 5.5 |
| 2021-02-24 | CVE-2021-1396 | Missing Authentication for Critical Function vulnerability in Cisco products Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes. | 6.5 |
| 2021-02-24 | CVE-2021-1367 | Improper Input Validation vulnerability in Cisco Nx-Os 9.3(5) A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 4.3 |
| 2021-02-24 | CVE-2021-1231 | Origin Validation Error vulnerability in Cisco Nx-Os A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. | 4.7 |
| 2021-02-24 | CVE-2021-1229 | Memory Leak vulnerability in Cisco Nx-Os 15.1(2.31)/5.2(1)Sv5(1.3A)/8.4(3.53) A vulnerability in ICMP Version 6 (ICMPv6) processing in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a slow system memory leak, which over time could lead to a denial of service (DoS) condition. | 5.3 |
| 2021-02-24 | CVE-2021-1228 | Unspecified vulnerability in Cisco Nx-Os A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. low complexity cisco | 6.5 |
| 2021-02-17 | CVE-2021-1416 | Incorrect Privilege Assignment vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. | 4.3 |
| 2021-02-17 | CVE-2021-1412 | Incorrect Privilege Assignment vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. | 6.5 |
| 2021-02-17 | CVE-2021-1372 | Exposure of Sensitive Data Through Data Queries vulnerability in Cisco Webex Meetings Server A vulnerability in Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. | 5.5 |