Vulnerabilities > Cisco > Unified Intelligence Center > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-12-10 CVE-2021-44228 Deserialization of Untrusted Data vulnerability in multiple products
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints.
10.0
2017-11-16 CVE-2017-12337 Improper Authentication vulnerability in Cisco products
A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device.
network
low complexity
cisco CWE-287
critical
9.8