424 matches found
Multiple Cisco Products Snort Rate Filter Bypass (cisco-sa-snort-rf-bypass-OY8f3pnM)
According to its self-reported version, Cisco FTD Software is affected by a vulnerability. - Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limitin...
Cisco IOS XE Software Unified Threat Defense Snort Intrusion Prevention System Engine for Security Policy Bypass DoS (cisco-sa-utd-snort3-dos-bypas-b4OUEwxD)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in Cisco Unified Threat Defense UTD Snort Intrusion Prevention System IPS Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security...
Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers Authenticated RCE (cisco-sa-sb-rv34x-rce-7pqFU2e)
According to its self-reported version, Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers Authenticated Remote Code Execution is affected by a vulnerability. - A vulnerability in the upload module of Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker...
Cisco IOS Software Web UI XSRF (cisco-sa-ios-webui-HfwnRgk)
According to its self-reported version, Cisco IOS is affected by a vulnerability. - A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system throu...
Cisco Catalyst SD-WAN Manager XSS (cisco-sa-sdwan-xss-zQ4KPvYd)
According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD- WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site...
Cisco IOS XE Software Catalyst 9000 Series Switches DoS (cisco-sa-vlan-dos-27Pur5RT)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on the control plane of an affected device. This vulnerability is d...
Cisco IOS XR Software CLI Privilege Escalation (cisco-sa-iosxr-priv-esc-CrG5vhCq)
According to its self-reported version, Cisco IOS XR is affected by a vulnerability. - A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This...
Cisco Expressway Edge Improper Authorization (cisco-sa-expressway-auth-kdFrcZ2j)
According to its self-reported version, Cisco Expressway Edge Improper Authorization is affected by a vulnerability. - A vulnerability in Cisco Expressway Edge Expressway-E could allow an authenticated, remote attacker to masquerade as another user on an affected system. This vulnerability is due...
Cisco IOS XR Software Secure Boot Bypass (cisco-sa-xr-secure-boot-quD5g8Ap)
According to its self-reported version, Cisco IOS XR is affected by a vulnerability. - A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Cisco Secure Boot functionality and load unverified software on an...
Cisco Identity Services Engine Command Injection (cisco-sa-ise-injection-6kn9tSxm)
According to its self-reported version, Cisco Identity Services Engine Command Injection is affected by a vulnerability. - A vulnerability in specific CLI commands in Cisco Identity Services Engine ISE could allow an authenticated, local attacker to perform command injection attacks on the...
Cisco Identity Services Engine XSRF (cisco-sa-ise-csrf-y4ZUz5Rj)
According to its self-reported version, Cisco Identity Services Engine is affected by a cross-site request forgery XSRF vulnerability. - A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a...
Cisco NX-OS Software DHCPv6 Relay Agent DoS (cisco-sa-nxos-dhcp6-relay-dos-znEAA6xn)
A vulnerability in the DHCPv6 relay agent of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of specific fields in a DHCPv6 RELAY-REPLY message. An attacker could...
Cisco IOS XR Software MPLS Pseudowire Interfaces Access Control List Bypass (CSCwf99658)
According to its self-reported version, Cisco IOS XR is affected by a vulnerability. - A vulnerability in the access control list ACL processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This...
Cisco Identity Services Engine Stored XSS Vulnerabilities (cisco-sa-ise-xss-V2bm9JCY)
According to its self-reported version, Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities is affected by multiple vulnerabilities. - A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack...
Cisco Smart Software Manager On-Prem Password Change (cisco-sa-cssm-auth-sLw3uhUy)
According to its self-reported version, Cisco Smart Software Manager On-Prem Password Change is affected by a vulnerability. - A vulnerability in the authentication system of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an unauthenticated, remote attacker to change the password of...
Cisco Expressway Series Open Redirect (cisco-sa-expressway-redirect-KJsFuXgj)
According to its self-reported version, Cisco Expressway Series Open Redirect is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco Expressway Series could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This...
Cisco Firepower Threat Defense Software Snort 3 HTTP Intrusion Prevention System Rule Bypass (cisco-sa-snort3-ips-bypass-uE69KBMd)
According to its self-reported version, Cisco Firepower Threat Defense FTD Software is affected by a vulnerability. - Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System IPS rule engine that could allow an unauthenticated, remote attacker to bypass the...
Cisco IOS XE Software Internet Key Exchange Version 1 Fragmentation DoS (cisco-sa-ikev1-NO2ccFWz)
According to its self-reported version, Cisco IOS-XE Software is affected by multiple vulnerabilities. - A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an affect...
Cisco Secure Email and Web Manager Multiple Vulnerabilities (cisco-sa-esa-sma-wsa-xss-bgG5WHOD)
According to its self-reported version, Cisco Secure Email and Web Manager is affected by multiple vulnerabilities. - A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email could allow an authenticated, remote attacker to conduct an XSS attack again...
Cisco Adaptive Security Appliance Software Web Services DoS Vulnerability (cisco-sa-asaftd-websrvs-dos-X8gNucD2)
According to its self-reported version, the remote Cisco ASA Software is affected by a denial of service DoS vulnerability, due to incomplete error checking when parsing HTTP headers. An unauthenticated, remote attacker can exploit this issue, via specially crafted HTTP request, to cause the syst...