Vulnerability in Cisco Umbrella Insights Virtual Appliance
CVE-2021-40126
A vulnerability in the web-based dashboard of Cisco Umbrella could allow an authenticated, remote attacker to perform an email enumeration attack against the Umbrella infrastructure. This vulnerability is due to an overly descriptive error…
EPSS: 0.002 (35.5th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N.
Affected products
- Cisco Umbrella Insights Virtual Appliance — versions n/a
Weakness classification (CWE)
References
- 20211103 Cisco Umbrella Email Enumeration Vulnerability (vendor-advisory, x_refsource_CISCO)
Frequently asked questions
- What is CVE-2021-40126?
- CVE-2021-40126 is a medium-severity vulnerability in Cisco Umbrella Insights Virtual Appliance, classified under CWE-210. CVSS score: 4.3/10. Published 2021-11-04.
- How severe is CVE-2021-40126?
- Medium severity. CVSS v3 base score is 4.3 out of 10.