The vulnerability in the IOx application environment for the Cisco IOS operating system allows a hacker to elevate their privileges to the root level.

The vulnerability in the IOx application environment for the Cisco IOS operating system is related to errors during role-based access control checks. Exploiting this vulnerability allows a malicious actor to elevate their privileges to the root level...

The vulnerability of Cisco IOS and Cisco IOS XE operating systems, related to the lack of measures for cleaning input data, allows attackers to execute cross-site scripting attacks.

The vulnerability of Cisco IOS and Cisco IOS XE systems is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to perform domain-to-domain scenario attacks using the HTTP banner parameter...

Cisco IOS and IOS XE Cross-Site Scripting Vulnerability

Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network devices. A cross-site scripting vulnerability exists in the web framework code in Cisco IOS and Cisco IOS XE, which stems from a program that fails to perform sufficient input validation. A remote attacker coul...

The vulnerability of the Secure Storage component in Cisco IOS XE and Cisco IOS operating systems allows attackers to disclose protected information.

The vulnerability of the Secure Storage component in Cisco IOS XE and Cisco IOS systems is related to the lack of protection for service data. Exploiting this vulnerability can allow attackers to disclose the protected information...

The vulnerability of Cisco IOS and IOS XE operating system SSH servers allows attackers to circumvent security restrictions.

The vulnerability of Cisco IOS and IOS XE operating systems’ SSH servers is related to errors in the mechanisms for checking access to the SSH server, originating from instances of Virtual Routing and Forwarding VRF. Exploiting this vulnerability can allow a malicious actor to establish an SSH...

CVE-2018-0484

A vulnerability in the access control logic of the Secure Shell SSH server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding VRF instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a...

PT-2018-3860 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software versions Fuji 16.7.1 through Fuji 16.8.1 Description: A vulnerability in the authentication, authorization, and accounting AAA security services could allow an unauthenticated, remote attacker to execute arbitrary code o...

The vulnerability of the Integrated Services Module (ISM-VPN) of the Cisco IOS operating system, which allows a hacker to cause a service failure.

The vulnerability of the Integrated Services Module ISM-VPN of the Cisco IOS operating system is related to resource management errors. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted VPN traffic...

Multiple Cisco products certified to bypass the vulnerability

Cisco Aironet Access Points, IOS Software, and Wireless LAN Controller are products of Cisco Corporation.Cisco Aironet Access Points and Cisco Wireless LAN Controller are a set of wireless access point devices. Cisco Aironet Access Points and Cisco Wireless LAN Controller are a set of wireless...

Cisco Integrated Services Routers Generation 2 Denial of Service Vulnerability

Cisco Integrated Services Routers Generation 2 ISR G2 Routers is a router device from Cisco.IOS is one of the operating systems used for network devices. A denial of service vulnerability exists in the protocol implementation of IOS versions 15.0 through 15.6 in Cisco Integrated Services Routers...

Cisco IOS XE Software Denial of Service Vulnerability (CNVD-2017-34214)

The Cisco Catalyst 3650 and 3850 switches are both switch products from Cisco, Inc.IOS XE Software is one of the operating systems used for network devices. wireless controller manager is one of the wireless controller management programs. A denial of service vulnerability exists in the wireless...

Cisco IOS and IOS XE SNMP Remote Code Execution Vulnerability (CNVD-2017-12529)

Cisco IOS is the interconnected Internet operating system used on most Cisco Systems routers and network switches. Cisco IOS and IOS XE SNMP Remote Code Execution Vulnerability. Allows remote attackers to cause an SNMP service buffer overflow by sending constructed SNMP packets, resulting in...

Cisco IOS and IOS XE SNMP Remote Code Execution Vulnerability (CNVD-2017-12528)

Cisco IOS is the interconnected Internet operating system used on most Cisco Systems routers and network switches. Cisco IOS and IOS XE SNMP Remote Code Execution Vulnerability. Allows remote attackers to cause an SNMP service buffer overflow by sending constructed SNMP packets, resulting in...

Cisco IOS and IOS XE SNMP Remote Code Execution Vulnerability (CNVD-2017-12535)

Cisco IOS is the interconnected Internet operating system used on most Cisco Systems routers and network switches. Cisco IOS and IOS XE SNMP Remote Code Execution Vulnerability. Allows remote attackers to cause an SNMP service buffer overflow by sending constructed SNMP packets, resulting in...

The vulnerability of Cisco IOS XR routers, which allows a hacker to trigger a maintenance failure

The vulnerability of the Event Management Service router in Cisco IOS XR is related to resource management errors. Exploiting this vulnerability allows a malicious actor, operating remotely and without authentication, to cause service failures on the targeted device. The vulnerability stems from...

The vulnerability of the ANI service in the Cisco IOS operating system allows a hacker to trigger a service failure and a device restart.

The vulnerability of the Cisco IOS operating system’s ANI service is related to incomplete validation of input data. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot and a service failure using a specially crafted IPv6 packet...

The vulnerabilities of the EnergyWise module in the Cisco IOS operating system allow a hacker to trigger buffer overflows or equipment reboots, accompanied by a failure in service delivery.

The multiple vulnerabilities of the EnergyWise module of the Cisco IOS operating system are caused by buffer overflows. Exploitation of these vulnerabilities can allow a malicious actor to trigger buffer overflows or system reboots, accompanied by service failure due to specially crafted EnergyWi...

The vulnerability of the Cisco IOS operating system’s DHCP service allows a attacker to trigger a device reboot and a service failure.

The vulnerability of the DHCP service in Cisco IOS operating systems is related to the use of an uncontrolled format string. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot and a service failure through a specially crafted DHCP packet...

CVE-2017-3850

A vulnerability in the Autonomic Networking Infrastructure ANI feature of Cisco IOS Software 15.4 through 15.6 and Cisco IOS XE Software 3.7 through 3.18, and 16 could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to incomplete inpu...

Cisco IOS and IOS XE Software Path Traversal Vulnerability

Cisco IOx is a suite of applications from Cisco USA that provide unified hosting capabilities for Cisco's IoT network infrastructure Cisco routers, switches, etc.. A security vulnerability exists in Cisco IOx on Cisco IOS and IOS XE that stems from the failure of an affected framework on the targ...