VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,114 total · sorted by risk
  • CVE-2021-34759MedSep 2, 2021
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability…

  • CVE-2021-34715MedAug 18, 2021
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in the image verification function of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute code with internal user privileges on the underlying operating system. The vulnerability…

  • CVE-2021-1607MedJul 8, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because the web-based management…

  • CVE-2021-1606MedJul 8, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because the web-based management…

  • CVE-2021-1605MedJul 8, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because the web-based management…

  • CVE-2021-1604MedJul 8, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because the web-based management…

  • CVE-2021-1603MedJul 8, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. These vulnerabilities exist because the web-based management…

  • CVE-2021-1395MedJun 16, 2021
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management…

  • CVE-2021-1538MedJun 4, 2021
    risk 0.31cvss 4.7epss 0.02

    A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to execute arbitrary code. This vulnerability is due to insufficient sanitization of configuration entries. An attacker could exploit…

  • CVE-2021-1536MedJun 4, 2021
    risk 0.31cvss 4.8epss 0.00

    A vulnerability in Cisco Webex Meetings Desktop App for Windows, Cisco Webex Meetings Server, Cisco Webex Network Recording Player for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device.…

  • CVE-2021-1525MedJun 4, 2021
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file. This vulnerability is due to improper validation of URL paths in the application interface. An attacker could exploit…

  • CVE-2021-1555MedMay 22, 2021
    risk 0.31cvss 4.7epss 0.02

    Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are…

  • CVE-2021-1554MedMay 22, 2021
    risk 0.31cvss 4.7epss 0.02

    Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are…

  • CVE-2021-1553MedMay 22, 2021
    risk 0.31cvss 4.7epss 0.02

    Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are…

  • CVE-2021-1552MedMay 22, 2021
    risk 0.31cvss 4.7epss 0.02

    Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are…

  • CVE-2021-1551MedMay 22, 2021
    risk 0.31cvss 4.7epss 0.02

    Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are…

  • CVE-2021-1550MedMay 22, 2021
    risk 0.31cvss 4.7epss 0.02

    Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are…

  • CVE-2021-1549MedMay 22, 2021
    risk 0.31cvss 4.7epss 0.02

    Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are…

  • CVE-2021-1548MedMay 22, 2021
    risk 0.31cvss 4.7epss 0.02

    Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are…

  • CVE-2021-1547MedMay 22, 2021
    risk 0.31cvss 4.7epss 0.02

    Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are…

  • CVE-2021-1358MedMay 22, 2021
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an…

  • CVE-2021-1254MedMay 22, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied…

  • CVE-2021-1519MedMay 6, 2021
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. The vulnerability is due to insufficient validation of user-supplied…

  • CVE-2021-1490MedMay 6, 2021
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability…

  • CVE-2021-1397MedMay 6, 2021
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in…

  • CVE-2021-1458MedApr 29, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to…

  • CVE-2021-1457MedApr 29, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to…

  • CVE-2021-1456MedApr 29, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to…

  • CVE-2021-1455MedApr 29, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to…

  • CVE-2021-1420MedApr 8, 2021
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote attacker to modify a web page in the context of a user's browser. The vulnerability is due to improper checks on parameter values in affected pages. An attacker could exploit this…

  • CVE-2021-1374MedMar 24, 2021
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software for the Catalyst 9000 Family of switches could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against another user of the web-based…

  • CVE-2021-1231MedFeb 24, 2021
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This…

  • CVE-2021-1271MedJan 20, 2021
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The…

  • CVE-2021-1310MedJan 13, 2021
    risk 0.31cvss 4.7epss 0.02

    A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page, bypassing the warning mechanism that should prompt the user before the redirection. This vulnerability is…

  • CVE-2021-1240MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the loading process of specific DLLs in Cisco Proximity Desktop for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This…

  • CVE-2021-1239MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected system. The…

  • CVE-2021-1238MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected system. The…

  • CVE-2021-1158MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1157MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1156MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1155MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1154MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1153MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1152MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1151MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1130MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco DNA Center software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based…

  • CVE-2020-26083MedNov 6, 2020
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists…

  • CVE-2020-3561MedOct 21, 2020
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The…

  • CVE-2020-3558MedOct 21, 2020
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an…

  • CVE-2020-3589MedOct 8, 2020
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability…

Page 83 of 143