How severe is CVE-2021-1516?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2021-1516?

This is classified as CWE-540, which is a common weakness in software security.

CVE-2021-1516

MEDIUM Year: 2021

CVSS v3 Score

6.5

Medium

CVSS v2 Score

4.0

Medium

Weakness Type

CWE-540

View all →

Vulnerability Description

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential information is included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface.

CVE-2021-28805

MEDIUM

CVSS:5.5(Medium)

Inclusion of sensitive information in the source code has been reported to affect certain QNAP switches running QSS. If exploited, this vulnerability allows attackers to read application data. This is...

CWE-5402021

CVE-2021-34757

MEDIUM

CVSS:5.5(Medium)

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords o...

CWE-5402021

CVE-2023-39250

MEDIUM

CVSS:5.5(Medium)

Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an informa...

CWE-5402023

CVE-2024-1272

HIGH

CVSS:7.5(High)

Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive Data.This issue affects Cockpit Software: before v0.251.1.

CWE-5402024

CVE-2024-2265

HIGH

CVSS:7.5(High)

A vulnerability, which was classified as problematic, was found in keerti1924 PHP-MYSQL-User-Login-System 1.0. This affects an unknown part of the file login.sql. The manipulation leads to inclusion o...

CWE-5402024

CVE-2023-23448

MEDIUM

CVSS:5.3(Medium)

Inclusion of Sensitive Information in Source Code in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain informati...

CWE-5402023

CVE-2021-1516

Vulnerability Description

Related Vulnerabilities

CVE-2021-28805

CVE-2021-34757

CVE-2023-39250

CVE-2024-1272

CVE-2024-2265

CVE-2023-23448