CVE-2021-1600

HIGH Year: 2021
CVSS v3 Score
8.3
High
CVSS v2 Score
5.8
Medium
Weakness Type
CWE-284
View all →

Vulnerability Description

Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. These vulnerabilities are due to insufficient restrictions for IPv4 or IPv6 packets that are received on the external management interface. An attacker could exploit these vulnerabilities by sending specific traffic to this interface on an affected device. A successful exploit could allow the attacker to access sensitive internal services and make configuration changes on the affected device.

Related Vulnerabilities

CVE-2015-8973

HIGH
CVSS:8.3(High)

xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to bypass intended access restrictions via vectors related to ...

CWE-2842015

CVE-2018-7364

HIGH
CVSS:8.3(High)

All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability. Due to improper access control to devcomm process, an unauthorize...

CWE-2842018

CVE-2021-1601

HIGH
CVSS:8.3(High)

Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. These vulnerabilities...

CWE-2842021

CVE-2022-0824

HIGH
CVSS:8.3(High)

Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990.

CWE-2842022

CVE-2022-4689

HIGH
CVSS:8.3(High)

Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.

CWE-2842022

CVE-2022-4809

HIGH
CVSS:8.3(High)

Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.

CWE-2842022