How severe is CVE-2021-1478?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2021-1478?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2021-1478

MEDIUM Year: 2021

CVSS v3 Score

6.5

Medium

CVSS v2 Score

6.8

Medium

Weakness Type

CWE-284

View all →

Vulnerability Description

A vulnerability in the Java Management Extensions (JMX) component of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to an unsecured TCP/IP port. An attacker could exploit this vulnerability by accessing the port and restarting the JMX process. A successful exploit could allow the attacker to cause a DoS condition on an affected system.

CVE-2011-1762

MEDIUM

CVSS:6.5(Medium)

A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' privileges to post...

CWE-2842011

CVE-2012-4379

MEDIUM

CVSS:6.5(Medium)

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in...

CWE-2842012

CVE-2014-1398

MEDIUM

CVSS:6.5(Medium)

The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on comment, user and node statist...

CWE-2842014

CVE-2014-1399

MEDIUM

CVSS:6.5(Medium)

The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on referenced entities via unspec...

CWE-2842014

CVE-2014-1400

MEDIUM

CVSS:6.5(Medium)

The entity_access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions and read unpublished comments via unspeci...

CWE-2842014

CVE-2014-3519

MEDIUM

CVSS:6.5(Medium)

The open_by_handle_at function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAP_DAC_READ_SEARCH capa...

CWE-2842014

CVE-2021-1478

Vulnerability Description

Related Vulnerabilities

CVE-2011-1762

CVE-2012-4379

CVE-2014-1398

CVE-2014-1399

CVE-2014-1400

CVE-2014-3519