305 matches found
CVE-2016-6404
CVE-2016-6404 describes a cross-site scripting (XSS) vulnerability in the web framework of Cisco IOx Local Manager, affecting Cisco IOS 15.5(2)T and IOS XE. A remote attacker can exploit a crafted URL to inject arbitrary web script or HTML, targeting users of the web interface. The issue is tied ...
CVE-2016-6405
Cisco Fog Director for IOx (version 1.0(0)) is vulnerable to an arbitrary file write via the Cartridge interface. The root cause is insufficient input validation, allowing an authenticated, remote attacker to bypass access restrictions and write/overwrite arbitrary files. Published advisories (Ci...
CVE-2016-6404
Cross-site scripting XSS vulnerability in the web framework in Cisco IOx Local Manager in IOS 15.52T and IOS XE allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy19854...
Cisco IOS Software Data in Motion Denial of Service Vulnerability (cisco-sa-20160914-ios-xe)
A vulnerability in the Data in Motion DMo application in Cisco IOS software with the IOx feature set could allow an unauthenticated, remote attacker to cause a denial of service DoS condition in the DMo process. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted...
Cisco Fog Director for IOx Arbitrary File Write Vulnerability
A vulnerability in the Cisco Fog Director for IOx could allow an authenticated, remote attacker to write a file to arbitrary locations. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by uploading a crafted file via the Cartridge interface. ...