← Back

Cisco

cisco

6,574 CVEs • 6,220 products

Products (6,220)

Click to collapse
Toggle
Ios
ios
613 CVEs
Ios Xe
ios_xe
541 CVEs
Adaptive Security Appliance Software
adaptive_security_appliance_software
351 CVEs
Nx Os
nx_os
275 CVEs
Unified Communications Manager
unified_communications_manager
238 CVEs
Firepower Threat Defense
firepower_threat_defense
230 CVEs
Ios Xr
ios_xr
193 CVEs
Secure Firewall Management Center
secure_firewall_management_center
182 CVEs
Identity Services Engine
identity_services_engine
165 CVEs
Webex Meetings Server
webex_meetings_server
136 CVEs
Rv110w Firmware
rv110w_firmware
128 CVEs
Rv130w Firmware
rv130w_firmware
127 CVEs
Unified Computing System
unified_computing_system
105 CVEs
Wireless Lan Controller Software
wireless_lan_controller_software
88 CVEs
Prime Infrastructure
prime_infrastructure
88 CVEs
Catalyst Sd Wan Manager
catalyst_sd-wan_manager
87 CVEs
Application Extension Platform
application_extension_platform
79 CVEs
Rv215w Firmware
rv215w_firmware
71 CVEs
Anyconnect Secure Mobility Client
anyconnect_secure_mobility_client
69 CVEs
Webex Meetings
webex_meetings
69 CVEs
Rv215w Wireless N Vpn Router Firmware
rv215w_wireless-n_vpn_router_firmware
68 CVEs
Data Center Network Manager
data_center_network_manager
68 CVEs
Web Security Appliance
web_security_appliance
65 CVEs
Adaptive Security Appliance
adaptive_security_appliance
63 CVEs
Unity Connection
unity_connection
63 CVEs
Rv130 Vpn Router Firmware
rv130_vpn_router_firmware
62 CVEs
Webex Meetings Online
webex_meetings_online
59 CVEs
Rv130 Firmware
rv130_firmware
59 CVEs
Firepower Extensible Operating System
firepower_extensible_operating_system
56 CVEs
Asyncos
asyncos
54 CVEs
Asa 5500
asa_5500
52 CVEs
Rv320 Firmware
rv320_firmware
52 CVEs
Rv325 Firmware
rv325_firmware
52 CVEs
5500 Series Adaptive Security Appliance
5500_series_adaptive_security_appliance
51 CVEs
Email Security Appliance
email_security_appliance
50 CVEs
Evolved Programmable Network Manager
evolved_programmable_network_manager
50 CVEs
Identity Services Engine Software
identity_services_engine_software
49 CVEs
Unified Contact Center Express
unified_contact_center_express
47 CVEs
Rv042 Firmware
rv042_firmware
46 CVEs
Rv042g Firmware
rv042g_firmware
46 CVEs
Telepresence Video Communication Server
telepresence_video_communication_server
42 CVEs
Sd Wan Vmanage
sd-wan_vmanage
42 CVEs
Unified Communications Domain Manager
unified_communications_domain_manager
41 CVEs
Sd Wan Firmware
sd-wan_firmware
41 CVEs
Unified Communications Manager Im And Presence Service
unified_communications_manager_im_and_presence_service
39 CVEs
Rv082 Dual Wan Vpn Router Firmware
rv082_dual_wan_vpn_router_firmware
37 CVEs
Rv016 Firmware
rv016_firmware
37 CVEs
Rv082 Firmware
rv082_firmware
37 CVEs
Rv042 Dual Wan Vpn Router Firmware
rv042_dual_wan_vpn_router_firmware
36 CVEs
Secure Access Control System
secure_access_control_system
35 CVEs
Firesight System Software
firesight_system_software
35 CVEs
Rv340w Firmware
rv340w_firmware
35 CVEs
Rv340 Firmware
rv340_firmware
35 CVEs
Rv345 Firmware
rv345_firmware
35 CVEs
Rv345p Firmware
rv345p_firmware
35 CVEs
Rv016 Multi Wan Vpn Router Firmware
rv016_multi-wan_vpn_router_firmware
35 CVEs
Rv042g Dual Gigabit Wan Vpn Router Firmware
rv042g_dual_gigabit_wan_vpn_router_firmware
35 CVEs
Rv320 Dual Gigabit Wan Vpn Router Firmware
rv320_dual_gigabit_wan_vpn_router_firmware
35 CVEs
Rv325 Dual Gigabit Wan Vpn Router Firmware
rv325_dual_gigabit_wan_vpn_router_firmware
35 CVEs
Secure Access Control Server
secure_access_control_server
34 CVEs
Jabber
jabber
34 CVEs
Prime Collaboration Provisioning
prime_collaboration_provisioning
34 CVEs
Application Policy Infrastructure Controller
application_policy_infrastructure_controller
34 CVEs
Sf302 08pp Firmware
sf302-08pp_firmware
32 CVEs
Sf302 08mpp Firmware
sf302-08mpp_firmware
32 CVEs
Sg300 10pp Firmware
sg300-10pp_firmware
32 CVEs
Sg300 10mpp Firmware
sg300-10mpp_firmware
32 CVEs
Sf300 24pp Firmware
sf300-24pp_firmware
32 CVEs
Sf300 48pp Firmware
sf300-48pp_firmware
32 CVEs
Sg300 28pp Firmware
sg300-28pp_firmware
32 CVEs
Sf300 08 Firmware
sf300-08_firmware
32 CVEs
Sf300 48p Firmware
sf300-48p_firmware
32 CVEs
Sg300 10mp Firmware
sg300-10mp_firmware
32 CVEs
Sg300 10p Firmware
sg300-10p_firmware
32 CVEs
Sg300 10 Firmware
sg300-10_firmware
32 CVEs
Sg300 28p Firmware
sg300-28p_firmware
32 CVEs
Sf300 24p Firmware
sf300-24p_firmware
32 CVEs
Sg300 28 Firmware
sg300-28_firmware
32 CVEs
Sf300 48 Firmware
sf300-48_firmware
32 CVEs
Sg300 20 Firmware
sg300-20_firmware
32 CVEs
Sg300 52 Firmware
sg300-52_firmware
32 CVEs
Sf300 24 Firmware
sf300-24_firmware
32 CVEs
Sf302 08 Firmware
sf302-08_firmware
32 CVEs
Sf300 24mp Firmware
sf300-24mp_firmware
32 CVEs
Sg300 28mp Firmware
sg300-28mp_firmware
32 CVEs
Sg300 52p Firmware
sg300-52p_firmware
32 CVEs
Sg300 52mp Firmware
sg300-52mp_firmware
32 CVEs
Webex Meeting Center
webex_meeting_center
31 CVEs
Meeting Server
meeting_server
31 CVEs
Sg300 10sfp Firmware
sg300-10sfp_firmware
31 CVEs
Telepresence Collaboration Endpoint
telepresence_collaboration_endpoint
31 CVEs
Firepower Threat Defense Software
firepower_threat_defense_software
31 CVEs
Security Manager
security_manager
30 CVEs
Firewall Services Module
firewall_services_module
29 CVEs
Telepresence Video Communication Server Software
telepresence_video_communication_server_software
29 CVEs
Sg500 28mpp Firmware
sg500-28mpp_firmware
29 CVEs
Sf500 24 Firmware
sf500-24_firmware
29 CVEs
Sf500 24p Firmware
sf500-24p_firmware
29 CVEs
Sf500 48 Firmware
sf500-48_firmware
29 CVEs
Sg500 28 Firmware
sg500-28_firmware
29 CVEs

CVEs (6,574)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-1128
1Cisco
1Ios Xr
Nov 21, 2024
Feb 4, 2021
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
A vulnerability in the CLI parser of Cisco IOS XR Software could allow an authenticated, local attacker to view more information than their privileges allow. The vulnerability is due to insufficient application of restri...Show more
A vulnerability in the CLI parser of Cisco IOS XR Software could allow an authenticated, local attacker to view more information than their privileges allow. The vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit this vulnerability by using a specific command at the command line. A successful exploit could allow the attacker to obtain sensitive information within the configuration that otherwise might not have been accessible beyond the privileges of the invoking user.Show less
CVE-2020-14418
3Cisco
MadshiMorphisec
3Advanced Malware Protection
MadcodehookUnified Threat Prevention Platform
Nov 21, 2024
Jan 30, 2021
N/A· v4
7.0 HIGH· v3
6.9 MEDIUM· v2
A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM. This occurs because path redirection can occur via vectors involving directory junctions.
CVE-2021-1250
1Cisco
1Data Center Network Manager
Nov 21, 2024
Jan 20, 2021
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or...Show more
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or a reflected file download (RFD) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory.Show less
CVE-2021-1249
1Cisco
1Data Center Network Manager
Nov 21, 2024
Jan 20, 2021
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or...Show more
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or a reflected file download (RFD) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory.Show less
CVE-2021-1248
1Cisco
1Data Center Network Manager
Nov 21, 2024
Jan 20, 2021
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. For more informati...Show more
Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.Show less
CVE-2021-1247
1Cisco
1Data Center Network Manager
Nov 21, 2024
Jan 20, 2021
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. For more informati...Show more
Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.Show less
CVE-2021-1241
1Cisco
5Catalyst Sd Wan Manager
Ios Xe Sd WanSd Wan Firmware+2 more
Nov 21, 2024
Jan 20, 2021
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, s...Show more
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.Show less
CVE-2021-1235
1Cisco
1Sd Wan Vmanage
Nov 21, 2024
Jan 20, 2021
N/A· v4
5.5 MEDIUM· v3
4.9 MEDIUM· v2
A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read sensitive database files on an affected system. The vulnerability is due to insufficient user authorization...Show more
A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read sensitive database files on an affected system. The vulnerability is due to insufficient user authorization. An attacker could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read database files from the filesystem of the underlying operating system.Show less
CVE-2021-1233
1Cisco
3Catalyst Sd Wan Manager
Sd Wan FirmwareSd Wan Vbond Orchestrator
Nov 21, 2024
Jan 20, 2021
N/A· v4
4.4 MEDIUM· v3
4.9 MEDIUM· v2
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information on an affected device. The vulnerability is due to insufficient input validation of request...Show more
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information on an affected device. The vulnerability is due to insufficient input validation of requests that are sent to the iperf tool. An attacker could exploit this vulnerability by sending a crafted request to the iperf tool, which is included in Cisco SD-WAN Software. A successful exploit could allow the attacker to obtain any file from the filesystem of an affected device.Show less
CVE-2021-1225
1Cisco
1Sd Wan Vmanage
Nov 21, 2024
Jan 20, 2021
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct SQL injection attacks on an affected system. These vulnerabilitie...Show more
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct SQL injection attacks on an affected system. These vulnerabilities exist because the web-based management interface improperly validates values in SQL queries. An attacker could exploit these vulnerabilities by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on or return values from the underlying database or the operating system.Show less
CVE-2021-1222
1Cisco
1Smart Software Manager On Prem
Nov 21, 2024
Jan 20, 2021
N/A· v4
8.1 HIGH· v3
5.5 MEDIUM· v2
A vulnerability in the web-based management interface of Cisco Smart Software Manager Satellite could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exis...Show more
A vulnerability in the web-based management interface of Cisco Smart Software Manager Satellite could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates values within SQL queries. An attacker could exploit this vulnerability by authenticating to the application and sending malicious SQL queries to an affected system. A successful exploit could allow the attacker to modify values on or return values from the underlying database or the operating system.Show less
CVE-2021-1219
1Cisco
1Smart Software Manager On Prem
Nov 21, 2024
Jan 20, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static...Show more
A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by gaining access to the static credential that is stored on the local device. A successful exploit could allow the attacker to view static credentials, which the attacker could use to carry out further attacks.Show less
CVE-2021-1218
1Cisco
1Smart Software Manager On Prem
Nov 21, 2024
Jan 20, 2021
N/A· v4
5.4 MEDIUM· v3
4.9 MEDIUM· v2
A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper in...Show more
A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request that could cause the web application to redirect the request to a specified malicious URL. A successful exploit could allow the attacker to redirect a user to a malicious website.Show less
CVE-2021-1142
1Cisco
1Smart Software Manager Satellite
Nov 21, 2024
Jan 20, 2021
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information abou...Show more
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.Show less
CVE-2021-1141
1Cisco
1Smart Software Manager Satellite
Nov 21, 2024
Jan 20, 2021
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information abou...Show more
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.Show less
CVE-2021-1140
1Cisco
1Smart Software Manager Satellite
Nov 21, 2024
Jan 20, 2021
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information abou...Show more
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.Show less
CVE-2021-1139
1Cisco
1Smart Software Manager Satellite
Nov 21, 2024
Jan 20, 2021
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information abou...Show more
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.Show less
CVE-2021-1138
1Cisco
1Smart Software Manager Satellite
Nov 21, 2024
Jan 20, 2021
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information abou...Show more
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.Show less
CVE-2021-1135
1Cisco
1Data Center Network Manager
Nov 21, 2024
Jan 20, 2021
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more informat...Show more
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory.Show less
CVE-2021-1364
1Cisco
2Unified Communications Manager
Unified Communications Manager Im And Presence Service
Nov 21, 2024
Jan 20, 2021
N/A· v4
4.9 MEDIUM· v3
4.0 MEDIUM· v2
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system....Show more
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that affects Unified CM IM&P also affects Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) and could allow an attacker to conduct SQL injection attacks on an affected system. For more information about these vulnerabilities, see the Details section of this advisory.Show less