CVE-2021-1475

Name of the Vulnerable Software and Affected Versions: Cisco Umbrella (affected versions not specified)

Description: The issue is related to the Scheduled Reports feature of Cisco Umbrella, where a vulnerability exists due to the lack of neutralization of special elements. This could allow a remote attacker to execute arbitrary code. Additionally, multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature may enable an authenticated, remote attacker to perform formula and link injection attacks on an affected device.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.