CVE-2021-1474

Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Data: Cisco advisories 1 day ago · Cisco CSAF 5 hours ago · NVD CVEs 8 hours ago · NVD CPEs 1 day ago · CISA KEV 1 day ago · EPSS 1 day ago

Severity	MEDIUM
CVSS	6.5
EPSS	0.33% EPSS medium
CWE	CWE-1236
KEV
Published	5 years ago
Modified	1 year ago

Products with public affected evidence

Product	Advisory	Affected evidence
Cisco Umbrella Insights Virtual Appliance	cisco-sa-umbrella-inject-gbZGHP5T	structured affected CSAF product_status