CWE-636

Total CVEs
8
Vulnerabilities
Avg CVSS v3
7.0
Medium
Avg CVSS v2
6.7
Medium
Latest CVE
2025
Most Recent

Severity Distribution

Critical 0
0%
High 4
50%
Medium 4
50%
Low 0
0%

External References

MITRE CWE
Official CWE definition
NIST NVD
Search CVEs by CWE

All CVEs (8)

Page 1 of 1

CVE-2021-1578

HIGH
CVSS:8.8(High)

A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, ...

CWE-6362021

CVE-2023-4030

HIGH
CVSS:7.8(High)

A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to insecure settings if the BIOS becomes corrupt.

CWE-6362023

CVE-2024-8185

HIGH
CVSS:7.5(High)

Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster joi...

CWE-6362024

CVE-2021-3614

MEDIUM
CVSS:6.8(Medium)

A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo V...

CWE-6362021

CVE-2024-2660

MEDIUM
CVSS:6.4(Medium)

Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. This vulnerability, CVE-2024-2660, affects Vault and Va...

CWE-6362024

CVE-2023-22943

MEDIUM
CVSS:5.3(Medium)

In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HT...

CWE-6362023