ID CVE-2021-1475
Summary Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Vulnerable Configurations
  • cpe:2.3:a:cisco:umbrella:-:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:umbrella:-:*:*:*:*:*:*:*
CVSS
Base: 3.5 (as of 20-04-2021 - 19:02)
Impact:
Exploitability:
CWE CWE-1236
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:S/C:N/I:P/A:N
Last major update 20-04-2021 - 19:02
Published 08-04-2021 - 04:15
Last modified 20-04-2021 - 19:02
Back to Top