How severe is CVE-2021-1306?

This vulnerability has a severity rating of LOW with a CVSS score of 3.4 out of 10.

What type of vulnerability is CVE-2021-1306?

This is classified as CWE-73, which is a common weakness in software security.

CVE-2021-1306

LOW Year: 2021

CVSS v3 Score

3.4

Low

CVSS v2 Score

3.6

Low

Weakness Type

CWE-73

View all →

Vulnerability Description

A vulnerability in the restricted shell of Cisco Evolved Programmable Network (EPN) Manager, Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to identify directories and write arbitrary files to the file system. This vulnerability is due to improper validation of parameters that are sent to a CLI command within the restricted shell. An attacker could exploit this vulnerability by logging in to the device and issuing certain CLI commands. A successful exploit could allow the attacker to identify file directories on the affected device and write arbitrary files to the file system on the affected device. To exploit this vulnerability, the attacker must be an authenticated shell user.

CVE-2020-5297

LOW

CVSS:2.7(Low)

In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff...

CWE-732020

CVE-2024-10492

LOW

CVSS:2.7(Low)

A vulnerability was found in Keycloak. A user with high privileges could read sensitive information from a Vault file that is not within the expected context. This attacker must have previous high acc...

CWE-732024

CVE-2024-10672

LOW

CVSS:2.7(Low)

The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the mpg_upsert_project_source_block() function in all...

CWE-732024

CVE-2024-6937

MEDIUM

CVSS:2.7(Low)

A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. Affected is the function curl_exec of the file /admin/forms/option_lists/edit.php of the component Im...

CWE-732024

CVE-2025-1911

LOW

CVSS:2.7(Low)

The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the admin_log_page...

CWE-732025

CVE-2025-1972

LOW

CVSS:2.7(Low)

The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the admin_log_page() function in all versions up to,...

CWE-732025

CVE-2021-1306

Vulnerability Description

Related Vulnerabilities

CVE-2020-5297

CVE-2024-10492

CVE-2024-10672

CVE-2024-6937

CVE-2025-1911

CVE-2025-1972