CVE-2018-0263

The CVE-2018-0263 entry describes a misconfiguration vulnerability in Cisco Meeting Server (CMS) 2000 Platforms, where an incorrect default configuration exposes internal interfaces/ports on the external interface. This allows an unauthenticated, adjacent attacker to access configuration and data...

Cisco Meeting Server Information Disclosure Vulnerability

A vulnerability in Cisco Meeting Server CMS could allow an unauthenticated, adjacent attacker to access services running on internal device interfaces of an affected system. The vulnerability is due to incorrect default configuration of the device, which can expose internal interfaces and ports o...

CVE-2018-0249

A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Access Point APs on Qualcomm Atheros QCA based hardware platforms could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected system. A successful explo...

CVE-2018-0247

The CVE-2018-0247 entry describes an authentication bypass in Web Authentication (WebAuth) clients used by Cisco IOS on Cisco Aironet Access Points and Wireless LAN Controllers (WLCs). Affected configurations require: AP in FlexConnect NAT mode, WLAN in central switching (unique IP per client), A...

Cisco Wireless LAN Controller and Aironet Access Points IOS WebAuth Client Authentication Bypass Vulnerability

A vulnerability in Web Authentication WebAuth clients for the Cisco Wireless LAN Controller WLC and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of...

CVE-2018-0257

A vulnerability in Cisco IOS XE Software running on Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, adjacent attacker to cause high CPU usage on an affected device, resulting in a denial of service DoS condition. The vulnerability is due to the incorrect handling of...

CVE-2018-0241

A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IP...

Cisco IOS XR Software UDP Broadcast Forwarding Denial of Service Vulnerability

A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IP...

Buffer overflow

Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated...

Format string

Format String vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges o...

CVE-2018-0175

Format String vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges o...

PT-2018-3801 · Cisco · Cisco Ios Xr +2

Name of the Vulnerable Software and Affected Versions: Cisco IOS, Cisco IOS XE, and Cisco IOS XR Software affected versions not specified Description: The issue is related to multiple buffer overflow vulnerabilities in the Link Layer Discovery Protocol LLDP subsystem of the affected software. An...

Brocade Fabric OS Vulnerabilities - Lenovo Support US

No description provided...

Race condition

A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability exists because the affected software attempts to free the same area of memory twice...

Cisco APIC-EM 1.x < 1.5 Unauthorized Access (credentialed check)

According to its self-reported version number, the Cisco Application Policy Infrastructure Controller Enterprise Module APIC-EM application running on the remote host is 1.x prior to 1.5. It is, therefore, affected by a vulnerability within the firewall configuration of the Cisco Application Poli...

Design/Logic Flaw

A vulnerability in the handling of 802.11w Protected Management Frames PAF by Cisco Aironet 3800 Series Access Points could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device, aka Denial of Service. The vulnerability exists because the affected...

Design/Logic Flaw

A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure Controller Enterprise Module APIC-EM could allow an unauthenticated, adjacent attacker to gain privileged access to services only available on the internal network of the device. The vulnerability is...

Race condition

A vulnerability in the packet processing code of Cisco IOS Software for Cisco Aironet Access Points could allow an unauthenticated, adjacent attacker to retrieve content from memory on an affected device, which could lead to the disclosure of confidential information. The vulnerability is due to...

Race condition

A vulnerability in 802.11 association request frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points could allow an unauthenticated, Layer 2 radio frequency RF adjacent attacker to cause the Access Point AP to reload, resulting in a denial of service DoS condition. The...

CVE-2017-12262

A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure Controller Enterprise Module APIC-EM could allow an unauthenticated, adjacent attacker to gain privileged access to services only available on the internal network of the device. The vulnerability is...