Lucene search
+L

70 matches found

Cisco
Cisco
added 2021/02/24 4:0 p.m.61 views

Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability

A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite...

9.8CVSS9.4AI score0.01574EPSS
Exploits0References1
Cisco
Cisco
added 2020/10/21 4:0 p.m.33 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability

Update from October 22nd, 2020: Cisco has become aware of a new Cisco Adaptive Security Appliance vulnerability that could affect the fixed releases recommended for code trains 9.13 and 9.14 in the Fixed Software "fs" section of this advisory. See the Cisco Adaptive Security Appliance Software...

8.6CVSS8.5AI score0.01918EPSS
Exploits0References1
Cisco
Cisco
added 2020/09/24 4:0 p.m.197 views

Cisco IOS XE Software Arbitrary Code Execution Vulnerability

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor ROMMON variables are set. An attacker could...

6.7CVSS6.5AI score0.00357EPSS
Exploits0References1
Cisco
Cisco
added 2020/09/24 4:0 p.m.39 views

Cisco IOS XE Software Web UI Authorization Bypass Vulnerability

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to utilize parts of the web UI for which they are not authorized. The vulnerability is due to insufficient authorization of web UI access requests. An attacker could exploit this...

8.8CVSS8.7AI score0.00981EPSS
Exploits0References1
Cisco
Cisco
added 2020/09/24 4:0 p.m.46 views

Cisco IOS XE Software Common Open Policy Service Engine Denial of Service Vulnerability

A vulnerability in the Common Open Policy Service COPS engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device. The vulnerability is due to insufficient input validation. An attacker could exploit this...

8.6CVSS8.6AI score0.01374EPSS
Exploits0References1
Cisco
Cisco
added 2020/06/03 4:0 p.m.39 views

Cisco IOS and IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability

A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to insufficient input...

7.7CVSS2.5AI score0.01565EPSS
Exploits0References1
Cisco
Cisco
added 2020/05/06 4:0 p.m.57 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability

A vulnerability in the Secure Sockets Layer SSL/Transport Layer Security TLS handler of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to exhaust memory resources on the affected device, leading to a...

8.6CVSS8.5AI score0.02128EPSS
Exploits0References1
Cisco
Cisco
added 2020/05/06 4:0 p.m.32 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability

A vulnerability in the Open Shortest Path First OSPF implementation in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to incorrect...

8.6CVSS8.1AI score0.01873EPSS
Exploits0References1
CISA
CISA
added 2019/10/03 12:0 a.m.13 views

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities affecting multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...

7.2AI score
Exploits0References1
Cisco
Cisco
added 2019/09/25 4:0 p.m.114 views

Cisco IOS XE Software Web UI Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based user interface Web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details "details" section of this...

7.6CVSS1.5AI score0.28948EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/27 12:0 a.m.4 views

Power-Response Path Traversal Vulnerability

Power-Response is a modular PowerShell framework for event response . A path traversal vulnerability exists in versions of Power-Response prior to 2019-02-02, which can be exploited by an attacker to access locations outside of a restricted directory...

10CVSS6.8AI score0.02987EPSS
Exploits0References1
Cisco
Cisco
added 2019/03/06 4:0 p.m.135 views

Cisco NX-OS Software Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to escalate lower-level privileges to the administrator level. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by authenticating to the...

7.8CVSS2.5AI score0.0031EPSS
Exploits0References1
Cisco
Cisco
added 2019/03/06 4:0 p.m.94 views

Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1609)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker coul...

4.2CVSS2.2AI score0.00894EPSS
Exploits1References1
Cisco
Cisco
added 2019/03/06 4:0 p.m.94 views

Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1606)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker coul...

5.3CVSS2.2AI score0.00894EPSS
Exploits1References1
Cisco
Cisco
added 2018/09/26 4:0 p.m.62 views

Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability

A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service DoS condition on an affected device. The vulnerability is due to improper input validation when handling...

7.4CVSS1.7AI score0.00856EPSS
Exploits0References1
Cisco
Cisco
added 2018/06/20 4:0 p.m.89 views

Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. The vulnerability exists because the affected software insufficiently validates...

8.6CVSS2.1AI score0.02319EPSS
Exploits0References1
Cisco
Cisco
added 2018/06/20 4:0 p.m.78 views

Cisco NX-OS Software CLI Arbitrary Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting...

8.2CVSS2.1AI score0.00564EPSS
Exploits0References1
Cisco
Cisco
added 2018/06/20 4:0 p.m.108 views

Cisco NX-OS Software Border Gateway Protocol Denial of Service Vulnerability

A vulnerability in the Border Gateway Protocol BGP implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update...

8.6CVSS0.7AI score0.0254EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/05/10 12:0 a.m.30 views

Cisco IOS XE Software Network Address Translation Denial of Service Vulnerability

A vulnerability in the processing of IPv4 packets that require Network Address Translation NAT and Multiprotocol Label Switching MPLS services of Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4300 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers could allo...

7.8CVSS6.9AI score0.02194EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2016/05/10 12:0 a.m.34 views

Cisco IOS Software RSVP Vulnerability

A vulnerability in the implementation of the Resource Reservation Protocol RSVP in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker cause the device to reload. This vulnerability could be exploited repeatedly to cause an extended denial of service DoS...

7.8CVSS9.4AI score0.03023EPSS
Exploits0References4
Rows per page
Query Builder