5224 matches found

Cisco
added 2018/01/17 4:0 p.m. | 44 views

Cisco WebEx Meetings Server Remote Account Disabling Vulnerability

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access the remote support account even after it has been disabled via the web application. The vulnerability is due to a design flaw in Cisco WebEx Meetings Server, which would not disable access to...

CVSS 6.4 | AI score 1.6 | EPSS 0.01443
Exploits: 0 | References: 1

Cisco
added 2017/11/15 4:0 p.m. | 44 views

Cisco FindIT Discovery Utility Insecure Library Loading Vulnerability

A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to the device availability, confidentiality, and integrity. The vulnerability is due to the application loading a...

CVSS 4.8 | AI score 7.3 | EPSS 0.00356
Exploits: 0 | References: 1

Cisco
added 2017/11/15 4:0 p.m. | 44 views

Cisco Firepower 4100 and 9300 Security Appliance Local Management Filtering Bypass Vulnerability

A vulnerability in the process for creating default IP blocks during device initialization for Cisco Firepower 4100 Series and Firepower 9300 Security Appliances running Cisco FXOS Software could allow an unauthenticated, remote attacker to send traffic to the local IP address of the device,...

CVSS 5.3 | AI score 5.3 | EPSS 0.01163
Exploits: 0 | References: 1

Cisco
added 2017/11/01 4:0 p.m. | 44 views

Cisco Wireless LAN Controller Access Network Query Protocol Denial of Service Vulnerability

A vulnerability in the Access Network Query Protocol (ANQP) ingress frame processing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, Layer 2 RF-adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The...

CVSS 4.7 | AI score 6.5 | EPSS 0.00569
Exploits: 0 | References: 1

Cisco
added 2017/09/27 4:0 p.m. | 44 views

Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial of Service Vulnerability

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper...

CVSS 8.6 | AI score 7.6 | EPSS 0.06938
Exploits: 0 | References: 1

Cisco
added 2016/10/12 4:0 p.m. | 44 views

Cisco Wide Area Application Services Central Manager Denial of Service Vulnerability

A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a performance degradation. The vulnerability is due...

CVSS 4.3 | AI score 5.8 | EPSS 0.01729
Exploits: 0 | References: 1

Cisco
added 2016/09/28 4:0 p.m. | 44 views

Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability

A vulnerability in the DNS forwarder functionality of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, corrupt the information present in the device's local DNS cache, or read part of the process memory. The vulnerability is due to a fla...

CVSS 8.3 | AI score 8.1 | EPSS 0.03011
Exploits: 0 | References: 1

Cisco
added 2016/03/11 2:49 p.m. | 44 views

Cisco Gigabit Switch Router 12000 Series Routers Denial of Service Vulnerability

A vulnerability in the ASIC UDP ingress receive function of Cisco Gigabit Switch Router (GSR) 12000 Series Routers could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition when one line card in the router unexpectedly restarts. The vulnerability is due to...

CVSS 4.6 | AI score 5.2 | EPSS 0.00746
Exploits: 0 | References: 1

Cisco
added 2015/07/30 9:38 p.m. | 44 views

Cisco Unified Communications Manager Prime Collaboration Deployment Information Disclosure Vulnerability

A vulnerability in the Prime Collaboration Deployment of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protections of data at rest. An attacker could exploit this vulnerability by browsing to a...

CVSS 4 | AI score 6.7 | EPSS 0.01327
Exploits: 0 | References: 1

Cisco
added 2015/03/25 4:0 p.m. | 44 views

Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerabilities

Devices running Cisco IOS Software or IOS XE Software contain vulnerabilities within the Internet Key Exchange (IKE) version 2 subsystem that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to how an affected device processes...

CVSS 7.8 | AI score 6.8 | EPSS 0.02798
Exploits: 0 | References: 1

Cisco
added 2014/12/23 4:0 p.m. | 44 views

Cisco Meraki HTTP Handler Local Information Disclosure Vulnerability

A vulnerability in an HTTP handler in Cisco Meraki firmware occurs because the handler does not require requests to come only from the Meraki cloud. This vulnerability could allow a LAN-based attacker to obtain sensitive credential information. An unauthenticated, remote attacker on an adjacent...

CVSS 6.1 | AI score 6.2 | EPSS 0.00572
Exploits: 0 | References: 1

Cisco
added 2014/01/16 8:22 p.m. | 44 views

Cisco WebEx Meetings Server Enterprise License Manager Administrative Password Disclosure Vulnerability

A vulnerability in the Cisco WebEx Meetings Server Enterprise License Manager web portal could allow an authenticated, remote attacker to view the administrative password for Cisco WebEx Meetings Server in clear text. The vulnerability is due to the inclusion of the Cisco WebEx Meetings Server...

CVSS 4 | AI score 1.8 | EPSS 0.00947
Exploits: 0 | References: 1

Cisco
added 2013/05/15 4:0 p.m. | 44 views

Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability

Cisco TelePresence Supervisor MSE 8050 contains a vulnerability that may allow an unauthenticated, remote attacker to cause high CPU utilization and a reload of the affected system. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability a...

CVSS 7.8 | AI score 6.5 | EPSS 0.01328
Exploits: 0 | References: 1

Cisco
added 2013/03/27 4:0 p.m. | 44 views

Cisco IOS Software IP Service Level Agreement Vulnerability

The Cisco IOS Software implementation of the IP Service Level Agreement (IP SLA) feature contains a vulnerability in the validation of IP SLA packets that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Cisco has released software updates that address thi...

CVSS 7.8 | AI score 6.8 | EPSS 0.0194
Exploits: 0 | References: 1

Cisco
added 2011/10/05 4:0 p.m. | 44 views

Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module are affected by multiple vulnerabilities as follows: MSN Instant Messenger (IM) Inspection Denial of Service vulnerability; TACACS+ Authentication Bypass vulnerability; Four SunRPC Inspection Denial ...

CVSS 7.8 | AI score 6.5
Exploits: 0 | References: 1

Cisco
added 2011/09/28 4:0 p.m. | 44 views

Cisco IOS Software Data-Link Switching Vulnerability

Cisco IOS Software contains a memory leak vulnerability in the Data-Link Switching (DLSw) feature that could result in a device reload when processing crafted IP Protocol 91 packets. Cisco has released software updates that address this vulnerability. This advisory is posted at...

CVSS 7.8 | AI score 6.4 | EPSS 0.0177
Exploits: 0 | References: 1

Cisco
added 2006/09/20 4:0 p.m. | 44 views

DOCSIS Read-Write Community String Enabled in Non-DOCSIS Platforms

A vulnerability exists in certain Cisco IOS® software release trains running on the Cisco IAD2400 series, 1900 Series Mobile Wireless Edge Routers and Cisco VG224 Analog Phone Gateways. Vulnerable versions may contain a default hard-coded Simple Network Management Protocol (SNMP) community string...

CVSS 10 | AI score 8.2 | EPSS 0.05668
Exploits: 0 | References: 1

Cisco
added 2005/04/06 4:0 p.m. | 44 views

Vulnerabilities in the Internet Key Exchange Xauth Implementation

Cisco Internetwork Operating System (IOS) Software release trains 12.2T, 12.3 and 12.3T may contain vulnerabilities in processing certain Internet Key Exchange (IKE) Xauth messages when configured to be an Easy VPN Server. Successful exploitation of these vulnerabilities may permit an unauthorized us...

CVSS 7.5 | AI score 1.3 | EPSS 0.01444
Exploits: 0 | References: 1

Cisco
added 2002/09/18 4:0 p.m. | 44 views

Microsoft Windows SMB Denial of Service Vulnerabilities in Cisco Products - MS02-045

...

CVSS 7.5 | AI score 3 | EPSS 0.30132
Exploits: 3 | References: 1 | Affected Software: 22

Cisco
added 2024/08/28 4:0 p.m. | 43 views

Cisco NX-OS Software Python Sandbox Escape Vulnerabilities

Multiple vulnerabilities in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. These vulnerabilities are due to insufficient...

CVSS 5.3 | AI score 7.3
Exploits: 0 | References: 1

Cisco
added 2024/04/03 4:0 p.m. | 43 views

Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficie...

CVSS 6.1 | AI score 6 | EPSS 0.00492
Exploits: 0 | References: 1

Cisco
added 2024/03/27 4:0 p.m. | 43 views

Cisco IOS and IOS XE Software Intermediate System-to-Intermediate System Denial of Service Vulnerability

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input...

CVSS 7.4 | AI score 7.3 | EPSS 0.00258
Exploits: 0 | References: 1

Cisco
added 2024/02/28 4:0 p.m. | 43 views

Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific fields i...

CVSS 6.6 | AI score 6.5 | EPSS 0.00318
Exploits: 0 | References: 1

Cisco
added 2023/11/01 4:0 p.m. | 43 views

Cisco Firepower Threat Defense Software and Cisco FirePOWER Services ICMPv6 with Snort 2 Denial of Service Vulnerability

A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software or Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all...

CVSS 8.6 | AI score 8.6 | EPSS 0.00693
Exploits: 0 | References: 1

Cisco
added 2023/11/01 4:0 p.m. | 43 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software AnyConnect SSL/TLS VPN Denial of Service Vulnerability

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an...

CVSS 6.8 | AI score 8.5 | EPSS 0.00675
Exploits: 0 | References: 1

Cisco
added 2023/09/06 4:0 p.m. | 43 views

Cisco BroadWorks Application Delivery Platform and Xtended Services Platform Authentication Bypass Vulnerability

A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system. This vulnerability is due to th...

CVSS 10 | AI score 9 | EPSS 0.15324
Exploits: 0 | References: 1

Cisco
added 2023/03/22 4:0 p.m. | 43 views

Cisco IOS XE Software for Wireless LAN Controllers CAPWAP Join Denial of Service Vulnerability

A vulnerability in the access point (AP) joining process of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected...

CVSS 6.8 | AI score 6.7 | EPSS 0.00775
Exploits: 0 | References: 1

Cisco
added 2023/01/11 4:0 p.m. | 43 views

Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to conduct server-side request forgery (SSRF) attacks through an affected device or to overwrite arbitrary files on an affected device. For more...

CVSS 4.4 | AI score 6 | EPSS 0.00194
Exploits: 0 | References: 1

Cisco
added 2022/07/06 4:0 p.m. | 43 views

Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning attacks on an affected device. Note: Cisco...

CVSS 9 | AI score 7.1 | EPSS 0.01741
Exploits: 0 | References: 1

Cisco
added 2022/05/04 4:0 p.m. | 43 views

ClamAV HTML Scanning Memory Leak Vulnerability Affecting Cisco Products: May 2022

On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...

CVSS 7.5 | AI score 7.6 | EPSS 0.0663
Exploits: 0 | References: 1

Cisco
added 2022/04/13 4:0 p.m. | 43 views

Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For...

CVSS 6.8 | AI score 0.9 | EPSS 0.00235
Exploits: 0 | References: 1

Cisco
added 2021/10/27 4:0 p.m. | 43 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv2 Site-to-Site VPN Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This...

CVSS 5.3 | AI score 5.8 | EPSS 0.00983
Exploits: 0 | References: 1

Cisco
added 2021/10/06 4:0 p.m. | 43 views

Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. This vulnerability is due to improper enforcement of administrator privilege levels for low-value sensitive data. An attacker...

CVSS 4.3 | AI score 4.5 | EPSS 0.00845
Exploits: 0 | References: 1

Cisco
added 2021/10/06 4:0 p.m. | 43 views

Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details...

CVSS 5.5 | AI score 5.3 | EPSS 0.00725
Exploits: 0 | References: 1

Cisco
added 2021/09/22 4:0 p.m. | 43 views

Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers IPv6 Denial of Service Vulnerability

A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a Layer 2 (L2) loop in a configured VLAN, resulting in a denial of service (DoS) condition for that...

CVSS 7.4 | AI score 7.3 | EPSS 0.00757
Exploits: 0 | References: 1

Cisco
added 2021/09/22 4:0 p.m. | 43 views

Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An...

CVSS 6.7 | AI score 6.6 | EPSS 0.00346
Exploits: 0 | References: 1

Cisco
added 2021/09/01 4:0 p.m. | 43 views

Cisco Prime Collaboration Provisioning Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input...

CVSS 6.1 | AI score 6 | EPSS 0.00774
Exploits: 0 | References: 1

Cisco
added 2021/07/21 4:0 p.m. | 43 views

Cisco SD-WAN Software Information Disclosure Vulnerability

A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to gain access to information stored in MPLS buffer memory. This vulnerability is due to insufficient handling of malformed MPLS packets that...

CVSS 5.3 | AI score 5.5 | EPSS 0.01188
Exploits: 0 | References: 1

Cisco
added 2021/03/03 4:0 p.m. | 43 views

Cisco SD-WAN vManage Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of an affected system. This vulnerability is due to insufficient access control for sensitive information that ...

CVSS 6.5 | AI score 6.6 | EPSS 0.01064
Exploits: 0 | References: 1

Cisco
added 2021/03/03 4:0 p.m. | 43 views

Cisco SD-WAN Software Signature Verification Bypass Vulnerability

A vulnerability in the Image Signature Verification feature of Cisco SD-WAN Software could allow an authenticated, remote attacker with Administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital...

CVSS 4.9 | AI score 5.1 | EPSS 0.00398
Exploits: 0 | References: 1

Cisco
added 2020/11/18 4:0 p.m. | 44 views

Cisco IoT Field Network Director Unprotected Storage of Credentials Vulnerability

A vulnerability in the web UI of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to obtain hashes of user passwords on an affected device. The vulnerability is due to insufficient protection of user credentials. An attacker could exploit this vulnerability by...

CVSS 4.1 | AI score 4.7 | EPSS 0.00963
Exploits: 0 | References: 1

Cisco
added 2020/10/21 4:0 p.m. | 43 views

Cisco Firepower Threat Defense Software SNMP Denial of Service Vulnerability

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly. The vulnerability is due to a lack of sufficient memory...

CVSS 8.6 | AI score 8 | EPSS 0.01742
Exploits: 0 | References: 1

Cisco
added 2020/09/24 4:0 p.m. | 43 views

Cisco IOS XE Software Web Management Framework Vulnerabilities

Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS)...

CVSS 4.3 | AI score 1.4 | EPSS 0.00911
Exploits: 0 | References: 1

Cisco
added 2020/09/24 4:0 p.m. | 43 views

Cisco IOS XE Software Zone-Based Firewall Denial of Service Vulnerabilities

Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall. The vulnerabilities are due to incomplete handling of Layer 4 packets through the...

CVSS 8.6 | AI score 8.2 | EPSS 0.0193
Exploits: 0 | References: 1

Cisco
added 2020/09/02 4:0 p.m. | 43 views

Cisco Jabber for Windows Protocol Handler Command Injection Vulnerability

A vulnerability in the application protocol handling features of Cisco Jabber for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands. The vulnerability is due to improper handling of input to the application protocol handlers. An attacker could exploit this...

CVSS 8.8 | AI score 9 | EPSS 0.03902
Exploits: 0 | References: 1

Cisco
added 2020/06/03 4:0 p.m. | 43 views

Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from establishing new security associations. The vulnerability is due to incorrect handling of crafted IKEv2...

CVSS 7.5 | AI score 2 | EPSS 0.01671
Exploits: 0 | References: 1

Cisco
added 2020/02/05 4:0 p.m. | 43 views

Cisco Digital Network Architecture Center Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is...

CVSS 5.4 | AI score 4.9 | EPSS 0.0312
Exploits: 4 | References: 1

Cisco
added 2019/09/18 4:0 p.m. | 43 views

Cisco HyperFlex Software Counter Value Injection Vulnerability

A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device. The vulnerability is due to insufficient authentication for the statistics collection service. An attacker could explo...

CVSS 5.3 | AI score 2.1 | EPSS 0.0065
Exploits: 0 | References: 1

Cisco
added 2019/05/15 4:0 p.m. | 43 views

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI...

CVSS 4.4 | AI score 6.5 | EPSS 0.00543
Exploits: 0 | References: 1

Cisco
added 2019/05/01 4:0 p.m. | 43 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability

A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The...

CVSS 6.8 | AI score 6.7 | EPSS 0.029
Exploits: 0 | References: 1

Total number of security vulnerabilities: 5000