How severe is CVE-2021-1619?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.1 out of 10.

What type of vulnerability is CVE-2021-1619?

This is classified as CWE-824, which is a common weakness in software security.

CVE-2021-1619

CRITICAL Year: 2021

CVSS v3 Score

9.1

Critical

CVSS v2 Score

6.4

Medium

Weakness Type

CWE-824

View all →

Vulnerability Description

A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, or delete the configuration of an affected device Cause memory corruption that results in a denial of service (DoS) on an affected device This vulnerability is due to an uninitialized variable. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS.

CVE-2018-19857

CRITICAL

CVSS:9.1(Critical)

The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast conve...

CWE-8242018

CVE-2015-1770

HIGH

CVSS:8.8(High)

Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability."

CWE-8242015

CVE-2016-1005

HIGH

CVSS:8.8(High)

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Ado...

CWE-8242016

CVE-2016-4343

HIGH

CVSS:8.8(High)

The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service ...

CWE-8242016

CVE-2017-16377

HIGH

CVSS:8.8(High)

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. Th...

CWE-8242017

CVE-2017-16378

HIGH

CVSS:8.8(High)

CWE-8242017

CVE-2021-1619

Vulnerability Description

Related Vulnerabilities

CVE-2018-19857

CVE-2015-1770

CVE-2016-1005

CVE-2016-4343

CVE-2017-16377

CVE-2017-16378