VYPR

Intersight Virtual Appliance

by Cisco Systems, Inc.

CVEs (9)

  • CVE-2021-34748HigOct 6, 2021
    risk 0.57cvss 8.8epss 0.03

    A vulnerability in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to perform a command injection attack on an affected device. This vulnerability is due to insufficient input validation. An attacker could…

  • CVE-2021-1601HigJul 22, 2021
    risk 0.54cvss 8.3epss 0.00

    Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. These vulnerabilities are due to insufficient restrictions for IPv4 or IPv6 packets that are…

  • CVE-2021-1600HigJul 22, 2021
    risk 0.54cvss 8.3epss 0.00

    Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. These vulnerabilities are due to insufficient restrictions for IPv4 or IPv6 packets that are…

  • CVE-2023-20017MedAug 16, 2023
    risk 0.42cvss 6.5epss 0.01

    Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these…

  • CVE-2023-20013MedAug 16, 2023
    risk 0.42cvss 6.5epss 0.01

    Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these…

  • CVE-2021-1618MedJul 22, 2021
    risk 0.42cvss 6.5epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input…

  • CVE-2021-1617MedJul 22, 2021
    risk 0.42cvss 6.5epss 0.02

    Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input…

  • CVE-2026-20092MedJan 21, 2026
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the read-only maintenance shell of Cisco Intersight Virtual Appliance could allow an authenticated, local attacker with administrative privileges to elevate privileges to root on the virtual appliance. This vulnerability is due to improper file permissions…

  • CVE-2023-20237MedAug 16, 2023
    risk 0.28cvss 4.3epss 0.00

    A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible. This vulnerability is due to insufficient restrictions on internally accessible http proxies. An attacker…