Lucene search
K

26 matches found

Cisco
Cisco
added 2026/03/25 4:0 p.m.14 views

Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. Th...

4.8CVSS6AI score0.00194EPSS
Exploits0References1
Cisco
Cisco
added 2024/10/23 4:0 p.m.14 views

Cisco Secure Firewall Management Center Software Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating...

6.5CVSS6.8AI score0.00782EPSS
Exploits0References1
Cisco
Cisco
added 2024/10/23 4:0 p.m.15 views

Cisco Secure Firewall Management Center Software Cluster Backup Command Injection Vulnerability

A vulnerability in the cluster backup feature of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. This vulnerability is due to...

6.1CVSS6.6AI score0.00509EPSS
Exploits0References1
Cisco
Cisco
added 2024/09/25 4:0 p.m.17 views

Cisco IOS XE Software Protocol Independent Multicast Denial of Service Vulnerability

A vulnerability in the Protocol Independent Multicast PIM feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of received IPv4 PIMv2 packets. An...

8.6CVSS8.5AI score0.00568EPSS
Exploits0References1
Cisco
Cisco
added 2024/03/27 4:0 p.m.32 views

Cisco IOS XE Software NETCONF/RESTCONF IPv4 Access Control List Bypass Vulnerability

A vulnerability in the data model interface DMI services of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access resources that should have been protected by a configured IPv4 access control list ACL. This vulnerability is due to improper handling of error conditions wh...

5.8CVSS5.8AI score0.00451EPSS
Exploits0References1
NVD
NVD
added 2023/09/13 5:15 p.m.31 views

CVE-2023-20191

A vulnerability in the access control list ACL processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incomplete support for this feature. An attacker could exploit th...

7.5CVSS6.6AI score0.00458EPSS
Exploits0References1
Cisco
Cisco
added 2022/11/09 4:0 p.m.23 views

Cisco Firepower Management Center Software XML External Entity Injection Vulnerability

A vulnerability in the module import function of the administrative interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to view sensitive information. This vulnerability is due to insufficient validation of the XML syntax when importing a...

4.3CVSS4.5AI score0.00524EPSS
Exploits0References1
Cisco
Cisco
added 2022/11/09 4:0 p.m.21 views

Cisco Firepower Management Center Software Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to missing authorization for certain resources in the web-based management interface...

5.3CVSS5.2AI score0.00658EPSS
Exploits0References1
Cisco
Cisco
added 2022/11/09 4:0 p.m.27 views

Cisco Firepower Threat Defense Software Privilege Escalation Vulnerability

A vulnerability in the management web server of Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an affected system. This vulnerability exists because access to HTTPS endpoints is not properly...

6.5CVSS6AI score0.00698EPSS
Exploits0References1
Cisco
Cisco
added 2022/09/28 4:0 p.m.79 views

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Information Disclosure Vulnerability

A vulnerability in the Simple Network Management Protocol SNMP of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to insufficient restrictions that allow a sensitive...

6.5CVSS6.4AI score0.00651EPSS
Exploits0References1
Cisco
Cisco
added 2022/04/27 4:0 p.m.43 views

Cisco Firepower Management Center Software Information Disclosure Vulnerability

A vulnerability in the input protection mechanisms of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to view data without proper authorization. This vulnerability exists because of a protection mechanism that relies on the existence or values of a...

4.3CVSS5.3AI score0.00882EPSS
Exploits0References1
Cisco
Cisco
added 2021/09/22 4:0 p.m.51 views

Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers EoGRE Denial of Service Vulnerability

A vulnerability in Ethernet over GRE EoGRE packet processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9800 Family Wireless Controller, Embedded Wireless Controller, and Embedded Wireless on Catalyst 9000 Series Switches could allow an unauthenticated, remote attacker to...

8.6CVSS8.6AI score0.01285EPSS
Exploits0References1
Cisco
Cisco
added 2021/09/22 4:0 p.m.249 views

Cisco IOS and IOS XE Software TrustSec CLI Parser Denial of Service Vulnerability

A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to an improper interaction between the web UI and the CLI parser. An attacker could exploit this...

7.7CVSS7.4AI score0.01149EPSS
Exploits0References1
Cisco
Cisco
added 2020/10/21 4:0 p.m.31 views

Cisco Firepower Threat Defense Software Multi-Instance Container Escape Vulnerability

A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. The attacker must have valid credentials ...

8.2CVSS7.5AI score0.00368EPSS
Exploits0References1
Cisco
Cisco
added 2020/09/24 4:0 p.m.37 views

Cisco IOS XE Software Web UI Authorization Bypass Vulnerability

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to utilize parts of the web UI for which they are not authorized. The vulnerability is due to insufficient authorization of web UI access requests. An attacker could exploit this...

8.8CVSS8.7AI score0.00981EPSS
Exploits0References1
Cisco
Cisco
added 2020/09/24 4:0 p.m.24 views

Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers DHCP Denial of Service Vulnerability

A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service DoS condition. The vulnerability is due to insufficient erro...

8.6CVSS8.6AI score0.01415EPSS
Exploits0References1
Cisco
Cisco
added 2020/09/24 4:0 p.m.29 views

Cisco IOS XE Software Privilege Escalation Vulnerabilities

Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device. For more information about these vulnerabilities, see the...

8.8CVSS1.9AI score0.01804EPSS
Exploits0References1
Cisco
Cisco
added 2020/05/06 4:0 p.m.30 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability

A vulnerability in the Open Shortest Path First OSPF implementation in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to incorrect...

8.6CVSS8.1AI score0.01873EPSS
Exploits0References1
Cisco
Cisco
added 2020/05/06 4:0 p.m.49 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential...

7.5CVSS7.8AI score0.71789EPSS
Exploits0References1
Cisco
Cisco
added 2019/09/25 4:0 p.m.103 views

Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability

A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System Guest OS running on an affected device. The vulnerability is due to incorrect role-based access control RBAC evaluation...

9.9CVSS1.7AI score0.0235EPSS
Exploits0References1
Rows per page
Query Builder