How severe is CVE-2021-1265?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.7 out of 10.

What type of vulnerability is CVE-2021-1265?

This is classified as CWE-312, which is a common weakness in software security.

CVE-2021-1265 - HIGH Severity | CVSS 7.7

Vulnerability Description

A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any privilege-level authenticated, remote attacker to obtain the full unmasked running configuration of managed devices. The vulnerability is due to the configuration archives files being stored in clear text, which can be retrieved by various API calls. An attacker could exploit this vulnerability by authenticating to the device and executing a series of API calls. A successful exploit could allow the attacker to retrieve the full unmasked running configurations of managed devices.

Related Vulnerabilities

CVE-2024-25661

HIGH

CVSS:7.7(High)

In Infinera TNMS (Transcend Network Management System) 19.10.3, cleartext storage of sensitive information in memory of the desktop application TNMS Client allows guest OS administrators to obtain var...

CWE-3122024

CVE-2024-42451

HIGH

CVSS:7.7(High)

A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved credentials in plaintext. This is achieved by calling a series of methods over an external protocol, ultimat...

CWE-3122024

CVE-2008-6828

HIGH

CVSS:7.8(High)

Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of t...

CWE-3122008

CVE-2017-1309

HIGH

CVSS:7.8(High)

IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 125463.

CWE-3122017

CVE-2018-12572

HIGH

CVSS:7.8(High)

Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the...

CWE-3122018

CVE-2018-1877

HIGH

CVSS:7.8(High)

IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive information in the form of unencrypted passwords that would be available to a local user. IBM X-Force ID: 151713...

CWE-3122018