Lucene search
K

56 matches found

Cisco
Cisco
added 2024/10/23 4:0 p.m.13 views

Cisco Secure Firewall Management Center Privilege Escalation Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to elevate privileges on an affected device. To exploit this vulnerability, an attacker must...

6.5CVSS6.4AI score0.00479EPSS
Exploits0References1
Cisco
Cisco
added 2024/10/23 4:0 p.m.13 views

Cisco Firepower Threat Defense Software Geolocation ACL Bypass Vulnerability

A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass an access control policy. This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this...

5.8CVSS5.7AI score0.00385EPSS
Exploits0References1
Cisco
Cisco
added 2024/10/23 4:0 p.m.15 views

Cisco Secure Firewall Management Center Software Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability ...

9.9CVSS9.8AI score0.00941EPSS
Exploits0References1
Cisco
Cisco
added 2024/10/23 4:0 p.m.23 views

Cisco Secure Firewall Management Center Software Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an...

6.1CVSS5.4AI score0.00415EPSS
Exploits0References1
Cisco
Cisco
added 2024/10/23 4:0 p.m.14 views

Multiple Cisco Products Snort Rate Filter Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection count comparison. An attacker...

5.8CVSS5.7AI score0.00511EPSS
Exploits0References1
Cisco
Cisco
added 2024/10/23 4:0 p.m.52 views

Cisco Secure Firewall Management Center Software HTML Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due ...

5.5CVSS5.5AI score0.00417EPSS
Exploits0References1
Cisco
Cisco
added 2024/09/25 4:0 p.m.21 views

Cisco IOS XE Software IPv4 Fragmentation Reassembly Denial of Service Vulnerability

A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper management of resources during fragment...

8.6CVSS8.6AI score0.0098EPSS
Exploits0References1
Cisco
Cisco
added 2024/08/28 4:0 p.m.13 views

Cisco NX-OS Software Bash Arbitrary Code Execution and Privilege Escalation Vulnerabilities

Multiple vulnerabilities in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to execute arbitrary code with root privileges or elevate privileges to network-admin on an affected device. For more information about these vulnerabilities, see...

6.7CVSS6.9AI score0.0016EPSS
Exploits0References1
Cisco
Cisco
added 2024/08/28 4:0 p.m.43 views

Cisco NX-OS Software Python Sandbox Escape Vulnerabilities

Multiple vulnerabilities in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. These vulnerabilities are due to insufficient...

5.3CVSS7.3AI score
Exploits0References1
Cisco
Cisco
added 2024/04/24 4:0 p.m.49 views

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability

A vulnerability in the Cisco Adaptive Security Appliance ASA restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level...

6CVSS6.7AI score0.00705EPSS
Exploits0References1
Cisco
Cisco
added 2024/03/27 4:0 p.m.43 views

Cisco IOS and IOS XE Software Intermediate System-to-Intermediate System Denial of Service Vulnerability

A vulnerability in the Intermediate System-to-Intermediate System IS-IS protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient input...

7.4CVSS7.3AI score0.00258EPSS
Exploits0References1
Cisco
Cisco
added 2024/02/28 4:0 p.m.26 views

Cisco Nexus 3000 and 9000 Series Switches Port Channel ACL Programming Vulnerability

A vulnerability in the access control list ACL programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device. This vulnerability is...

5.8CVSS5.7AI score0.0089EPSS
Exploits0References1
Cisco
Cisco
added 2023/11/01 4:0 p.m.26 views

Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due...

6.1CVSS5.8AI score0.00405EPSS
Exploits0References1
Cisco
Cisco
added 2023/09/27 4:0 p.m.72 views

Cisco IOS XE Software Web UI Command Injection Vulnerability

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the...

8.8CVSS9.2AI score0.0074EPSS
Exploits0References1
Cisco
Cisco
added 2023/09/13 4:0 p.m.46 views

Cisco IOS XR Software Image Verification Vulnerability

A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to a time-of-check, time-of-use TOCTOU race condition when an install query regarding an ISO imag...

5.7CVSS6.4AI score0.00088EPSS
Exploits0References1
Cisco
Cisco
added 2023/08/23 4:0 p.m.29 views

Cisco FXOS Software Arbitrary File Write Vulnerability

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command ...

4.4CVSS5.9AI score0.0017EPSS
Exploits0References1
Cisco
Cisco
added 2023/08/23 4:0 p.m.84 views

Cisco Nexus 3000 and 9000 Series Switches SFTP Server File Access Vulnerability

A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. This vulnerability is d...

5.4CVSS5.4AI score0.00439EPSS
Exploits0References1
Cisco
Cisco
added 2022/11/09 4:0 p.m.42 views

Cisco Firepower Threat Defense Software SIP and Snort 3 Detection Engine Denial of Service Vulnerability

A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a lack of error-checking when SIP bidirectional flows are being...

5.8CVSS5.5AI score0.00786EPSS
Exploits0References1
Cisco
Cisco
added 2022/04/27 4:0 p.m.23 views

Cisco Firepower Threat Defense Software XML Injection Vulnerability

A vulnerability in CLI of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands...

4.4CVSS5.8AI score0.00257EPSS
Exploits0References1
Cisco
Cisco
added 2022/04/27 4:0 p.m.88 views

Cisco Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a denial of service DoS condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by...

8.6CVSS1AI score0.01257EPSS
Exploits0References1
Rows per page
Query Builder