Cisco Firepower Threat Defense Software SSL/TLS Policy Bypass Vulnerability
A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol parser of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies. The vulnerability is due to improper parsing of specific attributes in a TLS...
Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance (PCA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to the...
Cisco UCS B-Series Blade Servers Local Management CLI Arbitrary File Creation or CLI Parameter Injection Vulnerability
A vulnerability in the local management CLI implementation for specific commands on the Cisco UCS B-Series Blade Servers could allow an authenticated, local attacker to overwrite an arbitrary file on disk. It is also possible the attacker could inject CLI command parameters that should not be...
Cisco Expressway Series and Cisco TelePresence Video Communication Server Denial of Service Vulnerability
A vulnerability in the phone book feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service (DoS) condition on an affected system. The...
Cisco Registered Envelope Service Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against another user of the service. The vulnerability is due to insufficient validation of user-supplied input by the...
Cisco SD-WAN Solution Certificate Validation Vulnerability
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected...
Cisco Prime Access Registrar Denial of Service Vulnerability
A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specifi...
Cisco Unified Communications Manager IM & Presence Service Denial of Service Vulnerability
A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service (CUCM IM&P) and the Cisco TelePresence Video Communication Server (VCS) and Expressway could allow an unauthenticated, remote attacker to cause a temporary service outage for all IM&P users,...
Cisco FireSIGHT System Software URL-Based Access Control Policy Bypass Vulnerability
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly...
Cisco TelePresence IX5000 Series and TelePresence TX9000 Series Cross-Frame Scripting Vulnerability
A vulnerability in the web UI of Cisco TelePresence IX5000 Series Software and Cisco TelePresence TX9000 Series Software could allow an unauthenticated, remote attacker to conduct a cross-frame scripting (XFS) attack against a user of the web UI of the affected software. The vulnerability is due to...
Cisco IOS Software Simple Network Management Protocol GET MIB Object ID Denial of Service Vulnerability
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a condition that could occur wh...
Cisco Unified Communications Manager SQL Injection Vulnerability
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct an SQL injection attack against an affected system. The vulnerability exists because the affected software fails to validate user-supplied input in certain SQL...
Cisco NX-OS System Software Unauthorized User Account Deletion Vulnerability
A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software could allow an authenticated, local attacker to improperly delete valid user accounts. The network-operator role should not be able to delete other configured users on the device. The vulnerability is...
Cisco Nexus Series Switches Open Agent Container Code Execution Vulnerability
A vulnerability in the Open Agent Container (OAC) feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. The vulnerability is due to insufficient internal security measures in the OAC feature. An attacker could...
Cisco Multilayer Director, Nexus 7000 Series, and Nexus 7700 Series Switches Bash Shell Unauthorized Access Vulnerability
A vulnerability in Cisco NX-OS System Software running on Cisco MDS Multilayer Director Switches, Cisco Nexus 7000 Series Switches, and Cisco Nexus 7700 Series Switches could allow an authenticated, local attacker to access the Bash shell of an affected device's operating system, even if the Bash...
Cisco Web Security Appliance Advanced Malware Protection File Bypass Vulnerability
A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured AMP file filtering rule. The file types affected are zipped or archived file types. T...
Cisco Immunet Antimalware Installer DLL Preloading Vulnerability
An untrusted search path vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working directory where a crafted DLL has...
Cisco Aironet 1560, 2800, and 3800 Series Access Point Platforms Extensible Authentication Protocol Denial of Service Vulnerability
A vulnerability in Extensible Authentication Protocol (EAP) ingress frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points could allow an unauthenticated, Layer 2 radio frequency (RF) adjacent attacker to cause the Access Point (AP) to reload, resulting in a denial of service...
Cisco WebEx Meetings Server Information Disclosure Vulnerability
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to the HTTP header...
Cisco Aironet 3800 Series Access Points Protected Management Frames User Denial of Service Vulnerability
A vulnerability in the handling of 802.11w Protected Management Frames (PAF) by Cisco Aironet 3800 Series Access Points could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device. The vulnerability exists because the affected device does not properl...
Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Web Interface Information Disclosure Vulnerability
A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to access sensitive data. The attacker does not need administrator credentials and could use this information to conduct additional...
Cisco Firepower Device Manager Arbitrary Audit Log Entry Vulnerability
A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. The vulnerability is due to inadequate input validation. An attacker could exploit this...
Cisco Firepower Detection Engine HTTP Denial of Service Vulnerability
A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper handling of an...
Cisco Prime Network Analysis Module Local Command Injection Vulnerability
A vulnerability in the command-line interface (CLI) of Cisco Prime Network Analysis Module (NAM) and Cisco Prime Virtual Network Analysis Module (vNAM) could allow a local, authenticated attacker to execute arbitrary commands on the host operating system with elevated privileges. The vulnerability is d...
Cisco Web Security Appliance HTTPS Packet Processing Denial of Service Vulnerability
A vulnerability in the web proxy framework of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker with the ability to negotiate a secure connection from within the trusted network to cause a denial of service (DoS) condition on the affected device. The vulnerability...
Cisco Unified Communications Manager Prime Collaboration Deployment Information Disclosure Vulnerability
A vulnerability in the Prime Collaboration Deployment of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protections of data at rest. An attacker could exploit this vulnerability by browsing to a...
Cisco Application and Content Networking System URL Page Return Cross-Site Scripting Vulnerability
A vulnerability in Cisco Application and Content Networking System (ACNS) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks. The vulnerability is due to insufficient validation of the URL of pages that are not accessible to the end user that could be return...
Cisco TelePresence System MXP Series Software Denial of Service Vulnerability
A vulnerability in Cisco TelePresence System MXP Series Software could allow an unauthenticated, remote attacker to cause an affected system to become unresponsive to management session requests via Telnet. The vulnerability is due to a memory leak when management flows are created. An attacker...
Cisco IOS Software DHCP Denial of Service Vulnerability
A vulnerability in the DHCP implementation of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of crafted DHCP packets. An attacker could exploit this vulnerability ...
Cisco TelePresence System t-shell Denial of Service Vulnerability
A vulnerability in the t-shell implementation of Cisco TelePresence System Software could allow an authenticated, remote attacker to exhaust the available memory and create a denial of service (DoS) condition. The vulnerability is due to improper handling of orphaned t-shell sessions. An attacker...
Cisco IOS Software Network Address Translation Vulnerability
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Vulnerability in Cisco IOS While Processing SSL Packet
Multiple Vulnerabilities in Cisco IOS While Processing SSL Packets
Cisco IOS device may crash while processing malformed Secure Sockets Layer (SSL) packets. In order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL protocol exchange with the vulnerable device. Successful repeated exploitation of any of these...
DOCSIS Read-Write Community String Enabled in Non-DOCSIS Platforms
A vulnerability exists in certain Cisco IOS® software release trains running on the Cisco IAD2400 series, 1900 Series Mobile Wireless Edge Routers and Cisco VG224 Analog Phone Gateways. Vulnerable versions may contain a default hard-coded Simple Network Management Protocol (SNMP) community string...
NTP Vulnerability
...
Cisco Secure Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability
A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an unauthenticated attacker with physical access to an affected device to elevate privileges to SYSTEM. This vulnerability is due to a lack of authentication on a specific function. A successful exploit...
Cisco Secure Email Gateway HTTP Response Splitting Vulnerability
A vulnerability in the web-based management API of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to insufficient input validation of some parameters that are passed to t...
Cisco Unity Connection Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly valida...
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software AnyConnect SSL/TLS VPN Denial of Service Vulnerability
A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an...
Multiple Cisco Products Snort 3 Access Control Policy Bypass Vulnerability
Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being...
Cisco Access Point Software Denial of Service Vulnerability
A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could...
Cisco Identity Services Engine Cross-Site Scripting Vulnerability
A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient input...
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility Denial of Service Vulnerability
A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected...
Cisco ACI Multi-Site Orchestrator Privilege Escalation Vulnerability
A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator (MSO) could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sendi...
Cisco Unified Communications Products Arbitrary File Read Vulnerability
A vulnerability in the database user privileges of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote...
Cisco Webex Meetings Cross-Site Scripting Vulnerability
A vulnerability in the authentication component of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the...
Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface Denial of Service Vulnerability
A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an unauthenticated, remote attacker to render the web-based...
Cisco SD-WAN vManage Software Information Disclosure Vulnerability
A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system. This vulnerability exists because access to sensitive information on an affected system is not sufficient...
Cisco Meeting Server API Denial of Service Vulnerability
A vulnerability in the API of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because requests that are sent to the API are not properly validated. An attacker could exploit this...
Cisco Managed Services Accelerator Denial of Service Vulnerability
A vulnerability in the REST API of Cisco Managed Services Accelerator (MSX) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the way that the affected software logs certain API requests. An attacker could...