Lucene search
K

70 matches found

Tenable Nessus
Tenable Nessus
added 2024/10/04 12:0 a.m.13 views

Cisco Identity Services Engine Sensitive Information Disclosure (cisco-sa-ise-info-exp-vdF8Jbyk)

According to its self-reported version, Cisco Identity Services Engine Sensitive Information Disclosure is affected by an information disclosure vulnerability. - A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attack...

6.5CVSS5.7AI score0.00477EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/05/19 12:0 a.m.18 views

Cisco Identity Services Engine 3.x < 3.2P1 Arbitrary File Download (cisco-sa-ise-file-dwnld-Srcdnkd2)

According to its self-reported version, Cisco Identity Services is affected by a vulnerability in the web-based management interface. These allow an authenticated, remote attacker to download arbitrary files from the file system of an affected device. These vulnerabilities are due to insufficient...

6.5CVSS6.8AI score0.00839EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/04/03 12:0 a.m.24 views

Cisco Firepower Threat Defense Software SSL Decryption Policy Bleichenbacher Attack (cisco-sa-ftd-tls-bb-rCgtmY2)

A vulnerability in the TLS handler of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper implementation of countermeasures against a Bleichenbacher attack on a device that uses...

5.3CVSS5.7AI score0.00646EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/01/03 12:0 a.m.15 views

Cisco IOS XE Software Rate Limiting Network Address Translation DoS (cisco-sa-ratenat-pYVLA7wM) Unpatched Commands

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the Rate Limiting Network Address Translation NAT feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization in the Cisco...

8.6CVSS7.8AI score0.01285EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/10/21 12:0 a.m.34 views

Cisco Identity Services Engine XSS (cisco-sa-ise-xss-twLnpy3M)

According to its self-reported version, Cisco Identity Services Engine is affected by a cross-site scripting XSS vulnerability due to insufficient input validation in the External RESTful Services ERS API. An attacker could exploit this vulnerability by persuading an authenticated administrator o...

6.1CVSS6.8AI score0.00781EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/05/16 12:0 a.m.232 views

Cisco Unified Intelligence Center Log4j RCE

According to its self-reported version, Cisco Unified Intelligence Center is affected by a remote code execution vulnerability. - Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

10CVSS8.2AI score0.99999EPSS
Exploits351References3
Tenable Nessus
Tenable Nessus
added 2022/05/11 12:0 a.m.31 views

Cisco Firepower Threat Defense Software DoS (cisco-sa-ftd-dos-JnnJm4wB)

A vulnerability in the connection handling function in Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper traffic handling when platform limits are...

8.6CVSS7.3AI score0.01166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.24 views

Cisco Firepower Threat Defense Software Local Malware Analysis DoS (cisco-sa-ftd-amp-local-dos-CUfwRJXT)

A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to insufficient error handling in the local malware...

5.3CVSS5.8AI score0.01206EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/05/06 12:0 a.m.29 views

Cisco Firepower Threat Defense Software Snort Out of Memory DoS (cisco-sa-ftd-snort-dos-hd2hFgM)

A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service DoS condition on an affected device. This vulnerability is due t...

8.6CVSS7.3AI score0.01257EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/04/28 12:0 a.m.21 views

Cisco Unified Communications Products XSRF (cisco-sa-ucm-csrf-jrKP4eNT)

According to its self-reported version number, the web-based management interface of the Cisco Unified Communications Manager Unified CM and Cisco Unified CM Session Management Edition is affected by a cross-site request forgery vulnerability. An authenticated, remote attacker can exploit this...

6.8CVSS6.7AI score0.00426EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/04/05 12:0 a.m.23 views

Cisco IOS XR Software Border Gateway Protocol DoS (cisco-sa-20090818-bgp)

According to its self-reported version, Cisco IOS XR Software with BGP enabled is affected by the following vulnerabilities: - Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service process crash via a long BGP UPDATE message, as demonstrated by a message with many AS...

5.9CVSS5.5AI score0.03326EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2021/11/02 12:0 a.m.28 views

Cisco Adaptive Security Appliance Software Identity-Based Rule Bypass (cisco-sa-asaftd-rule-bypass-ejjOgQEY)

According to its self-reported version, Cisco ASA Software is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...

5.3CVSS5.7AI score0.01003EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/08/02 12:0 a.m.59 views

Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway DoS (cisco-sa-alg-dos-hbBS7SZE)

According to its self-reported version, Cisco IOS-XE Software is affected by a denial of service vulnerability in the DNS Application Layer Gateway ALG functionality used by Network Address Translation NAT. The vulnerability is due to a logic error that occurs when an affected device inspects...

8.6CVSS7.4AI score0.01494EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/07/15 12:0 a.m.29 views

Cisco Identity Services Engine Stored XSS (cisco-sa-ise-stored-xss-TWwjVPdL)

According to its self-reported version, Cisco Identity Services Engine is affected by multiple stored cross-site scripting XSS vulnerabilities due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user...

4.8CVSS5.5AI score0.00594EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2021/07/07 12:0 a.m.24 views

Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port DoS (cisco-sa-apic-lldap-dos-WerV9CFj)

According to its self-reported version, Cisco NX-OS Software is affected by a denial of service DoS vulnerability. The vulnerability exists in the Link Layer Discovery Protocol LLDP due to incorrect processing of LLDP on packets on an SFP interface. An unauthenticated, adjacent attacker can explo...

4.7CVSS5.2AI score0.00244EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/05/17 12:0 a.m.57 views

Cisco Firepower Threat Defense Software WebVPN CRLF Injection (cisco-sa-asa-ftd-crlf-inj-BX9uRwSn)

According to its self-reported version, the Clientless SSL VPN WebVPN of Cisco Firepower Threat Defense FTD Software is affected by an CRLF injection vulnerability due to improper input sanitization. An unauthenticated, remote attacker can exploit this by persuading a user of the interface to cli...

4.7CVSS6AI score0.01264EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/05/17 12:0 a.m.26 views

Cisco Adaptive Security Appliance Software WebVPN CRLF Injection (cisco-sa-asa-ftd-crlf-inj-BX9uRwSn)

According to its self-reported version, the Clientless SSL VPN WebVPN of Cisco Adaptive Security Appliance ASA Software is affected by an CRLF injection vulnerability due to improper input sanitization. An unauthenticated, remote attacker can exploit this by persuading a user of the interface to...

4.7CVSS6AI score0.01264EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/05/13 12:0 a.m.34 views

Cisco Adaptive Security Appliance Software Bleichenbacher Attack (cisco-sa-asaftd-tls-bb-2g9uWkP)

According to its self-reported version, the TLS handler of Cisco Adaptive Security Appliance ASA Software for Cisco Firepower 1000 is affected by the Bleichenbacher attack vulnerability due to improper implementation of countermeasures against the Bleichenbacher attack for cipher suites that rely...

5.3CVSS6.3AI score0.01239EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/05/11 12:0 a.m.30 views

Cisco Firepower Threat Defense Software TCP Flood DoS (cisco-sa-ftd-tcp-dos-GDcZDqAf)

According to its self-reported version, the packet processing functionality of Cisco Firepower Threat Defense FTD Software is affected by TCP flood denial of service vulnerability due to inefficient memory management. An unauthenticated, remote attacker can exploit this by sending a large number ...

8.6CVSS8AI score0.01398EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/05/07 12:0 a.m.31 views

Cisco SD-WAN vManage HTTP Authentication User Enumeration (cisco-sa-vmanage-enumeration-64eNnDKy)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by an information disclosure vulnerability due to improper handling of HTTP headers. An unauthenticated, remote attacker can exploit this, via HTTP, to determine which accounts are valid user accounts. Please see th...

5.3CVSS5.8AI score0.01198EPSS
Exploits0References3
Rows per page
Query Builder