Cisco IOS and IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability
A vulnerability in the Cisco Network Plug and Play application of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate...
Cisco Elastic Services Controller Sensitive Log Information Disclosure Vulnerability
A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affected system. The vulnerability is due to improper protection of sensitive log files. An attacker...
Cisco Identity Services Engine Reflected Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a reflective cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to...
Cisco Email Security and Content Security Management Appliance Message Tracking Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an...
Cisco IP Phone 8800 Series SIP Denial of Service Vulnerability
A vulnerability in Session Initiation Protocol (SIP) call handling of Cisco IP Phone 8800 Series devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the SIP process unexpectedly restarting. All active phone calls are dropped as the SIP process...
Cisco Identity Services Engine GUI Denial of Service Vulnerability
A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device where the ISE GUI may fail to respond to new or established connection requests. The...
Cisco Email Security Appliance Malformed MIME Header Filtering Bypass Vulnerability
A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to improper error handling of a...
Cisco Firepower Management Center and Cisco FireSIGHT System Software Malicious Software Detection Bypass Vulnerability
A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. The vulnerability is due to the incorrect...
Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability
A vulnerability in the SSH subsystem of the Cisco Nexus family of products could allow an authenticated, remote attacker to bypass authentication, authorization, and accounting (AAA) restrictions. The vulnerability is due to the improper processing of certain parameters that are passed to an affect...
Cisco Firepower Management Center Privilege Escalation Vulnerability
A vulnerability in the web-based GUI of Cisco Firepower Management Center and Cisco Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services could allow an authenticated, remote attacker to elevate the privileges of user accounts on the affected device. The vulnerability is due to...
Cisco Web Security Appliance Native FTP Denial of Service Vulnerability
A vulnerability in the native pass-through FTP functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to high CPU utilization. The vulnerability is due to how the FTP client terminates the FTP...
Cisco WebEx Meetings Server Open Redirect Vulnerability
A vulnerability in the Cisco WebEx Meetings Server (CWMS) web interface could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the parameters in the HTTP request. An attacker could exploit this...
Cisco Adaptive Security Appliance Information Disclosure Vulnerability
A vulnerability in the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to access sensitive data, including the ASA Software version that is currently running on the appliance. The vulnerability occurs because the Cisco ASA does not sufficiently protect...
Cisco Identity Services Engine Unauthorized Access Vulnerability
A vulnerability in the Admin portal of devices running Cisco Identity Services Engine (ISE) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. An attacker who can connect to the Admin portal of an affected device could potentially exploit thi...
Cisco Jabber STARTTLS Downgrade Vulnerability
A vulnerability in the Cisco Jabber client could allow an unauthenticated, remote attacker to perform a STARTTLS downgrade attack. The vulnerability exists because the client does not verify that an Extensible Messaging and Presence Protocol (XMPP) connection has been established with Transport Lay...
Cisco Unity Connection Web Interface SQL Injection Vulnerability
A vulnerability in the web interface of Cisco Unity Connection (UC) could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries. The vulnerability is due to a lack of input validation on user-supplied input in SQL queries. An attacker...
Cisco NX-OS Internet Group Management Protocol Denial of Service Vulnerability
A vulnerability in the Internet Group Management Protocol version 3 (IGMPv3) input packet processing of Cisco NX-OS could allow an unauthenticated, adjacent attacker to cause the IGMP process to restart due to a malformed IGMP packet, which could cause a denial of service (DoS) condition on the devic...
Cisco IOS Software TCL Script Interpreter Privilege Escalation Vulnerability
A vulnerability in the Tool Command Language (TCL) script interpreter of Cisco IOS Software could allow an authenticated, local attacker to escalate privileges from those of a non-privileged user to a privileged level 15 user. This would allow a non-privileged user to execute privileged commands...
Multiple Vulnerabilities in Cisco ASA Software
Cisco Adaptive Security Appliance (ASA) Software is affected by the following vulnerabilities: Cisco ASA Failover Command Injection Vulnerability; Cisco ASA DNS Memory Exhaustion Vulnerability; Cisco ASA VPN XML Parser Denial of Service Vulnerability. Successful exploitation of the Cisco ASA Failover...
Multiple Vulnerabilities in Cisco TelePresence Video Communication Server, Cisco Expressway, and Cisco TelePresence Conductor
Cisco TelePresence Video Communication Server (VCS), Cisco Expressway and Cisco TelePresence Conductor contain the following vulnerabilities: SDP Media Description Denial of Service Vulnerability; Authentication Bypass Vulnerability. Successful exploitation of the SDP Media Description Denial of...
Cisco 2900 Series Integrated Services Router Network-Based Application Recognition Denial of Service Vulnerability
A vulnerability in the Network-Based Application Recognition (NBAR) protocol process of the Cisco 2900 Series Integrated Services Router could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs when the NBAR process locks. An attacker coul...
Cisco Adaptive Security Appliance RADIUS Change of Authorization Message Replay Vulnerability
A vulnerability in RADIUS Change of Authorization (CoA) messages of the Identity Firewall (IDFW) feature of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to modify the contents of the IDFW user cache. The vulnerability is due to insufficient validation of...
Cisco NX-OS Software Input Validation Vulnerability
A vulnerability in input parsing in Cisco NX-OS Software could allow an authenticated, local attacker to execute commands on the underlying operating system. The vulnerability is due to improper filtering of parameters passed to the Stream Editor (sed) filter. An attacker could exploit this...
Cisco Unified Computing System Fabric Interconnect String Overflow Vulnerability
A vulnerability in the administrative web interface of the Cisco Unified Computing System could allow an authenticated, remote attacker to create a denial of service (DoS) condition. The vulnerability is due to improper parameter input validation. An attacker could exploit this vulnerability by...
Cisco Secure Access Control System Session Fixation Web Vulnerability
A vulnerability in the web interface of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to acquire the session identifier of another user's session. The vulnerability is due to the lack of session identifier regeneration. An attacker could exploit this...
Cisco Device Manager Command Execution Vulnerability
Cisco Device Manager contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands on a client host with the privileges of the user. This vulnerability affects Cisco Device Manager for the Cisco MDS 9000 Family and Cisco Nexus 5000 Series Switches whe...
Cisco IronPort Appliances Sophos Anti-Virus Vulnerabilities
Cisco IronPort Email Security Appliances (ESA) and Cisco IronPort Web Security Appliances (WSA) include versions of Sophos Anti-Virus that contain multiple vulnerabilities that could allow an unauthenticated, remote attacker to gain control of the system, escalate privileges, or cause a...
Buffer Overflow Vulnerabilities in the Cisco WebEx Player
The Cisco WebEx Recording Format (WRF) player contains four buffer overflow vulnerabilities and the Cisco Advanced Recording Format (ARF) player contains one buffer overflow vulnerability. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on th...
Cisco IOS Software IPS and Zone Based Firewall Vulnerabilities
Cisco IOS Software contains two vulnerabilities related to Cisco IOS Intrusion Prevention System (IPS) and Cisco IOS Zone-Based Firewall features. These vulnerabilities are: Memory leak in Cisco IOS Software; Cisco IOS Software Denial of Service when processing specially crafted HTTP packets. Cisco h...
Cisco IOS Software IP Version 6 over Multiprotocol Label Switching Vulnerabilities
Cisco IOS Software is affected by two vulnerabilities that cause a Cisco IOS device to reload when processing IP version 6 (IPv6) packets over a Multiprotocol Label Switching (MPLS) domain. These vulnerabilities are: Crafted IPv6 Packet May Cause MPLS-Configured Device to Reload; ICMPv6 Packet May Cau...
IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Default Passwords in the Application Velocity System
Cisco PIX and ASA Time-to-Live Vulnerability
Cisco PIX Vulnerabilities
...
Cisco AppDynamics PHP Agent Privilege Escalation Vulnerability
A vulnerability in the installer script of Cisco AppDynamics PHP Agent could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient permissions that are set by the PHP Agent Installer on the PHP Agent install directory. An...
Cisco Secure Client Software Denial of Service Vulnerabilities
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...
Cisco IOS XE Software for Wireless LAN Controllers Wireless Network Control Denial of Service Vulnerability
A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper memory management. An attacker could exploit this...
Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote...
Cisco IOS XR Software for ASR 9000 Series Routers Bidirectional Forwarding Detection Denial of Service Vulnerability
A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote...
Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from...
Cisco IOS XE Software IPv6 VPN over MPLS Denial of Service Vulnerability
A vulnerability in the implementation of IPv6 VPN over MPLS (6VPE) with Zone-Based Firewall (ZBFW) of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling of an IP...
Cisco Smart Software Manager On-Prem Denial of Service Vulnerability
A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect handling of multiple simultaneous device registrations on Cisco SSM On-Prem. A...
Cisco Unified Communications Products Access Control Vulnerability
A vulnerability in the Disaster Recovery framework of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection could allow an authenticated, remote attacker to perform certain administrative actions the...
Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability
A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to the storage of certain unencrypted credentials...
Cisco IOS XR Software Health Check Open Port Vulnerability
A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attack...
Cisco Small Business RV Series Routers Command Injection Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to...
Cisco Common Services Platform Collector Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...
Cisco Small Business Series Switches Session Credentials Replay Vulnerability
A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device. This...
Cisco IOS XE SD-WAN Software Command Injection Vulnerability
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI...
Cisco IoT Field Network Director SOAP API Authorization Bypass Vulnerability
A vulnerability in the SOAP API of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to access and modify information on devices that belong to a different domain. The vulnerability is due to insufficient authorization in the SOAP API. An attacker could exploit th...