5226 matches found

Cisco
•added 2017/11/29 4:0 p.m.•42 views

Cisco Jabber Clients Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient...

CVSS 5.4 • AI score 5.2 • EPSS 0.00642
Exploits: 0 • References: 1

Cisco
•added 2017/11/15 4:0 p.m.•42 views

Cisco Web Security Appliance Advanced Malware Protection File Bypass Vulnerability

A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured AMP file filtering rule. The file types affected are zipped or archived file types. T...

CVSS 5.3 • AI score 5.3 • EPSS 0.01638
Exploits: 0 • References: 1

Cisco
•added 2017/11/15 4:0 p.m.•42 views

Cisco Network Academy Packet Tracer DLL Preload Vulnerability

An untrusted search path vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working directory where a crafte...

CVSS 4.2 • AI score 6.8 • EPSS 0.00536
Exploits: 0 • References: 1

Cisco
•added 2017/11/01 4:0 p.m.•42 views

Cisco Aironet 1560, 2800, and 3800 Series Access Point Platforms Extensible Authentication Protocol Denial of Service Vulnerability

A vulnerability in Extensible Authentication Protocol (EAP) ingress frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points could allow an unauthenticated, Layer 2 radio frequency (RF) adjacent attacker to cause the Access Point (AP) to reload, resulting in a denial of service...

CVSS 7.4 • AI score 6.5 • EPSS 0.00811
Exploits: 0 • References: 1

Cisco
•added 2017/10/18 4:0 p.m.•42 views

Cisco WebEx Meeting Center Cross-Site Scripting Vulnerability

A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the...

CVSS 6.1 • AI score 6.1 • EPSS 0.0122
Exploits: 0 • References: 1

Cisco
•added 2017/09/20 4:0 p.m.•42 views

Cisco Unified Intelligence Center User Interface Cross-Site Request Forgery Vulnerability

A vulnerability in the Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection. An attacker could exploit this vulnerability by tricking the user of a web...

CVSS 6.1 • AI score 9 • EPSS 0.01168
Exploits: 0 • References: 1

Cisco
•added 2017/07/17 4:0 p.m.•42 views

Cisco WebEx Browser Extension Remote Code Execution Vulnerability

A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx...

CVSS 9.6 • AI score 8.7 • EPSS 0.05951
Exploits: 0 • References: 1

Cisco
•added 2017/07/05 4:0 p.m.•42 views

Cisco StarOS Border Gateway Protocol Process Denial of Service Vulnerability

A vulnerability in the Border Gateway Protocol (BGP) processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core (VPC) Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reloa...

CVSS 5.8 • AI score 7.7 • EPSS 0.02297
Exploits: 0 • References: 1

Cisco
•added 2017/06/07 4:0 p.m.•42 views

Cisco AnyConnect Local Privilege Escalation Vulnerability

A vulnerability in how DLL files are loaded with Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and run an executable file with privileges equivalent to the Microsoft Windows SYSTEM account. The vulnerability is due to incomplete input...

CVSS 7.8 • AI score 7.7 • EPSS 0.00371
Exploits: 0 • References: 1

Cisco
•added 2017/03/15 4:0 p.m.•42 views

Cisco Nexus 9000 Series Switches Remote Login Denial of Service Vulnerability

A vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic...

CVSS 5.3 • AI score 5.4 • EPSS 0.02048
Exploits: 0 • References: 1

Cisco
•added 2017/02/01 4:0 p.m.•43 views

Cisco Firepower Device Manager Arbitrary Audit Log Entry Vulnerability

A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. The vulnerability is due to inadequate input validation. An attacker could exploit this...

CVSS 5.3 • AI score 5.4 • EPSS 0.01479
Exploits: 0 • References: 1

Cisco
•added 2016/11/16 4:0 p.m.•42 views

Cisco Email Security Appliance MIME Header Processing Filter Bypass Vulnerability

A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass Advanced Malware Protection (AMP) filters that are configured for an affected device. The vulnerability is due to improper err...

CVSS 5 • AI score 5.3 • EPSS 0.0113
Exploits: 0 • References: 1

Cisco
•added 2016/08/03 4:0 p.m.•42 views

Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Unauthorized Access Vulnerability

A vulnerability in the web interface of the Cisco RV180 VPN Router and Cisco RV180W Wireless-N Multifunction VPN Router could allow an unauthenticated, remote attacker to access arbitrary files on the system. This vulnerability allows the attacker to perform directory traversal. The vulnerability...

CVSS 7.1 • AI score 7.6 • EPSS 0.07432
Exploits: 0 • References: 1

Cisco
•added 2015/09/02 4:0 p.m.•42 views

Cisco Integrated Management Controller Supervisor and Cisco UCS Director Remote File Overwrite Vulnerability

Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director contain a remote file overwrite vulnerability that could allow an unauthenticated, remote attacker to overwrite arbitrary system files, resulting in system instability or a denial of service (DoS) condition. Cisco has...

CVSS 7.8 • AI score 6.8 • EPSS 0.02817
Exploits: 0 • References: 1

Cisco
•added 2015/07/22 4:0 p.m.•42 views

Cisco IOS Software TFTP Server Denial of Service Vulnerability

A vulnerability in the TFTP server feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The TFTP server feature is not enabled by default. Cisco has released software updates that address this vulnerability...

CVSS 7.1 • AI score 6.5 • EPSS 0.02333
Exploits: 0 • References: 1

Cisco
•added 2015/04/06 5:30 p.m.•42 views

Cisco Wireless LAN Controller HTML Help Cross-Site Scripting Vulnerability

A vulnerability in the HTML help system of Cisco Wireless LAN Controller (WLC) devices could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. An unauthenticated, remote attacker who can convince a user of an affected system to follow a malicious link or visit an...

CVSS 4.3 • AI score 6.3 • EPSS 0.0095
Exploits: 0 • References: 1

Cisco
•added 2015/03/14 5:1 a.m.•42 views

Cisco AnyConnect Secure Mobility Client Hostscan Path Traversal Vulnerability

A vulnerability in the inter-process communication (IPC) channel of the Cisco AnyConnect Secure Mobility Client Hostscan module could allow an authenticated, local attacker to write and overwrite arbitrary files with elevated privileges. The vulnerability is due to insufficient path traversal...

CVSS 4.6 • AI score 6.3 • EPSS 0.00386
Exploits: 0 • References: 1

Cisco
•added 2014/08/07 8:13 p.m.•42 views

Cisco Unified Communications Manager Concurrent Login Vulnerability

A vulnerability in the CLI restrictions setting of Cisco Unified Communications Manager could allow an authenticated, remote attacker to remain undetected as an authenticated user. The vulnerability is due to improper sanitization of authenticated users. Cisco has confirmed the vulnerability in a...

CVSS 4 • AI score 6.4 • EPSS 0.0164
Exploits: 0 • References: 1

Cisco
•added 2013/11/07 7:40 p.m.•42 views

Cisco IOS XR Software OSPFv3 Denial of Service Vulnerability

A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a crash of the OSPFv3 process on an affected device. The vulnerability is due to improper parsing of malformed type 1 link-state...

CVSS 5.8 • AI score 3 • EPSS 0.01072
Exploits: 0 • References: 1

Cisco
•added 2013/07/25 4:1 p.m.•42 views

Cisco Identity Services Engine High CPU Utilization Vulnerability

A vulnerability in the firewall implementation of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to cause high CPU utilization and possibly the crash of some internal processes. The vulnerability is due to insufficient implementation of the firewall rule to protect...

CVSS 5 • AI score 1.4 • EPSS 0.02584
Exploits: 0 • References: 1

Cisco
•added 2013/05/02 8:49 p.m.•42 views

Cisco IOS XR Software Crafted SNMP Packets Denial of Service Vulnerability

A vulnerability in the SNMP module of Cisco IOS XR Software could allow an authenticated, remote attacker to cause the SNMP process to restart. The vulnerability is due to improper processing of crafted SNMP packets. An attacker could exploit this vulnerability by sending crafted SNMP packets to...

CVSS 4 • AI score 2.3 • EPSS 0.00984
Exploits: 0 • References: 1

Cisco
•added 2013/04/11 9:0 p.m.•42 views

Cisco uBR10000 Series IPv4/IPv6 Dual Stack Vulnerability

Cisco uBR10000 Series Universal Broadband Routers contain a vulnerability that could allow an unauthenticated, adjacent attacker to trigger the reload of the routing engine on the affected device. An attacker could exploit this vulnerability by manipulating IPv4 and IPv6 address assignments on a...

CVSS 5.7 • AI score 3.8 • EPSS 0.00647
Exploits: 0 • References: 1

Cisco
•added 2013/03/27 4:0 p.m.•42 views

Cisco IOS Software Smart Install Denial of Service Vulnerability

The Smart Install client feature in Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Affected devices that are configured as Smart Install clients are vulnerable. Cisco has released...

CVSS 7.8 • AI score 6.9 • EPSS 0.01328
Exploits: 0 • References: 1

Cisco
•added 2012/05/10 8:50 p.m.•42 views

CiscoWorks Prime LAN Management Solution CRLF Injection and HTTP Response Splitting Vulnerability

Cisco Prime LAN Management Solution versions prior to 4.2 contain a vulnerability that could allow an unauthenticated, remote attacker to inject arbitrary code and conduct HTTP response-splitting attacks on a targeted system. The vulnerability exists because the affected software improperly...

CVSS 4.3 • AI score 7 • EPSS 0.01168
Exploits: 0 • References: 1

Cisco
•added 2012/03/28 4:0 p.m.•42 views

Cisco IOS Software Network Address Translation Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

CVSS 7.8 • AI score 6.1 • EPSS 0.02011
Exploits: 0 • References: 1

Cisco
•added 2010/09/22 4:0 p.m.•42 views

Cisco IOS Software Internet Group Management Protocol Denial of Service Vulnerability

A vulnerability in the Internet Group Management Protocol (IGMP) version 3 implementation of Cisco IOS® Software and Cisco IOS XE Software allows a remote unauthenticated attacker to cause a reload of an affected device. Repeated attempts to exploit this vulnerability could result in a sustained...

CVSS 7.1 • AI score 6.7 • EPSS 0.01551
Exploits: 0 • References: 1

Cisco
•added 2009/02/25 4:0 p.m.•42 views

Cisco ACE Application Control Engine Device Manager and Application Networking Manager Vulnerabilities

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

CVSS 10 • AI score 5.9 • EPSS 0.02515
Exploits: 1 • References: 1

Cisco
•added 2008/09/24 4:0 p.m.•42 views

Vulnerability in Cisco IOS While Processing SSL Packet

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

CVSS 7.8 • AI score 6.1 • EPSS 0.03165
Exploits: 1 • References: 1

Cisco
•added 2026/05/14 4:0 p.m.•41 views

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability...

CVSS 10 • AI score 6.2 • EPSS 0.87693
Exploits: 4 • References: 1

Cisco
•added 2024/05/15 4:0 p.m.•41 views

Cisco Secure Email Gateway HTTP Response Splitting Vulnerability

A vulnerability in the web-based management API of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to insufficient input validation of some parameters that are passed to t...

CVSS 6.1 • AI score 6.2 • EPSS 0.00389
Exploits: 0 • References: 1

Cisco
•added 2024/03/27 4:0 p.m.•41 views

Cisco IOS and IOS XE Software Locator ID Separation Protocol Denial of Service Vulnerability

A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to the incorrect handling of LISP packets. An attacker could exploit...

CVSS 8.6 • AI score 8.5 • EPSS 0.00803
Exploits: 0 • References: 1

Cisco
•added 2024/01/24 4:0 p.m.•41 views

Cisco Unity Connection Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly valida...

CVSS 4.8 • AI score 5 • EPSS 0.00352
Exploits: 0 • References: 1

Cisco
•added 2023/11/15 4:0 p.m.•41 views

Cisco IP Phone Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of a small subset of Cisco IP Phones could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation ...

CVSS 5.5 • AI score 5 • EPSS 0.00459
Exploits: 0 • References: 1

Cisco
•added 2023/09/27 4:0 p.m.•41 views

Cisco Catalyst 9100 Access Points Denial of Service Vulnerability

A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption of service. This vulnerability is due to overuse of AP resources. An attacker could exploit this vulnerability by connecting to an AP on an...

CVSS 5.8 • AI score 8.5 • EPSS 0.00653
Exploits: 0 • References: 1

Cisco
•added 2023/09/27 4:0 p.m.•41 views

Cisco IOS XE Software for ASR 1000 Series Aggregation Services Routers IPv6 Multicast Denial of Service Vulnerability

A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This...

CVSS 8.6 • AI score 7.8 • EPSS 0.00652
Exploits: 0 • References: 1

Cisco
•added 2023/08/23 4:0 p.m.•41 views

Cisco Application Policy Infrastructure Controller Unauthorized Policy Actions Vulnerability

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies for example, access policies created by users associated with a different securi...

CVSS 5.4 • AI score 5.4 • EPSS 0.00333
Exploits: 0 • References: 1

Cisco
•added 2023/01/11 4:0 p.m.•41 views

Cisco Small Business RV160 and RV260 Series VPN Routers Remote Command Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV160 and RV260 Series VPN Routers could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validati...

CVSS 4.9 • AI score 7.3 • EPSS 0.00964
Exploits: 0 • References: 1

Cisco
•added 2022/10/19 4:0 p.m.•41 views

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient input...

CVSS 6.1 • AI score 5.9 • EPSS 0.00781
Exploits: 0 • References: 1

Cisco
•added 2022/08/17 4:0 p.m.•41 views

Cisco Secure Web Appliance Privilege Escalation Vulnerability

A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to perform a command injection and elevate privileges to root. This vulnerability is due to insufficient...

CVSS 6.3 • AI score 7.1 • EPSS 0.01863
Exploits: 0 • References: 1

Cisco
•added 2022/07/06 4:0 p.m.•41 views

Cisco Unified Communications Products Arbitrary File Read Vulnerability

A vulnerability in the database user privileges of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote...

CVSS 6.5 • AI score 6.4 • EPSS 0.01288
Exploits: 0 • References: 1

Cisco
•added 2022/06/15 4:0 p.m.•41 views

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. Th...

CVSS 9.8 • AI score 9.8 • EPSS 0.02968
Exploits: 0 • References: 1

Cisco
•added 2022/05/18 4:0 p.m.•41 views

Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...

CVSS 5.5 • AI score 5.7 • EPSS 0.00913
Exploits: 0 • References: 1

Cisco
•added 2022/04/13 4:0 p.m.•41 views

Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...

CVSS 6.5 • AI score 6.8 • EPSS 0.00467
Exploits: 0 • References: 1

Cisco
•added 2022/04/13 4:0 p.m.•41 views

Cisco IOS and IOS XE Software Web Services Denial of Service Vulnerability

A vulnerability in the web services interface of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper resource management in the HTTP server code. An attacker could exploit this...

CVSS 8.6 • AI score 8.4 • EPSS 0.0111
Exploits: 0 • References: 1

Cisco
•added 2022/02/23 4:0 p.m.•41 views

Cisco NX-OS Software Cisco Fabric Services Over IP Denial of Service Vulnerability

A vulnerability in the Cisco Fabric Services over IP (CFSoIP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of incoming CFSoIP packets. An attacke...

CVSS 8.6 • AI score 7.8 • EPSS 0.12404
Exploits: 0 • References: 1

Cisco
•added 2021/09/08 4:0 p.m.•41 views

Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability

A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames...

CVSS 7.4 • AI score 7.4 • EPSS 0.00349
Exploits: 0 • References: 1

Cisco
•added 2021/03/03 4:0 p.m.•41 views

Cisco SD-WAN vManage Software Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to elevate privileges on an affected system. To exploit this vulnerability, an attacker would need to have a valid Administrator account on an affected system. The vulnerability is due to...

CVSS 4.4 • AI score 4.6 • EPSS 0.00164
Exploits: 0 • References: 1

Cisco
•added 2020/10/22 4:0 p.m.•41 views

Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability

A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, leading to a denial of service (DoS) condition. The vulnerability is due to improper error handling on...

CVSS 8.6 • AI score 8.5 • EPSS 0.00883
Exploits: 0 • References: 1

Cisco
•added 2020/10/21 4:0 p.m.•41 views

Cisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass Vulnerability

A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into...

CVSS 6.7 • AI score 6.9 • EPSS 0.00344
Exploits: 0 • References: 1

Cisco
•added 2020/09/02 4:0 p.m.•41 views

Cisco Jabber for Windows Information Disclosure Vulnerability

A vulnerability in Cisco Jabber software could allow an authenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of message contents. An attacker could exploit this vulnerability by sending specially crafted messages to a targeted...

CVSS 6.5 • AI score 6.9 • EPSS 0.01854
Exploits: 0 • References: 1

Total number of security vulnerabilities: 5000