Cisco: Most viewed

5226 matches found

Cisco • added 2017/09/27 4:00 p.m. • 39 views

Cisco IOS and IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability

A vulnerability in the Cisco Network Plug and Play application of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate...

CVSS 8.7 | AI score 5.8 | EPSS 0.00997
Exploits: 0 | References: 1

Cisco • added 2017/08/16 4:00 p.m. • 39 views

Cisco Elastic Services Controller Sensitive Log Information Disclosure Vulnerability

A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affected system. The vulnerability is due to improper protection of sensitive log files. An attacker...

CVSS 6.3 | AI score 6.3 | EPSS 0.00299
Exploits: 0 | References: 1

Cisco • added 2017/06/21 4:00 p.m. • 39 views

Cisco Identity Services Engine Reflected Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a reflective cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

CVSS 4.1 | AI score 5.4 | EPSS 0.00891
Exploits: 0 | References: 1

Cisco • added 2017/06/07 4:00 p.m. • 39 views

Cisco Email Security and Content Security Management Appliance Message Tracking Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Email Security Appliance ESA and Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an...

CVSS 6.1 | AI score 6.1 | EPSS 0.01242
Exploits: 0 | References: 1

Cisco • added 2017/06/07 4:00 p.m. • 39 views

Cisco IP Phone 8800 Series SIP Denial of Service Vulnerability

A vulnerability in Session Initiation Protocol SIP call handling of Cisco IP Phone 8800 Series devices could allow an unauthenticated, remote attacker to cause a denial of service DoS condition due to the SIP process unexpectedly restarting. All active phone calls are dropped as the SIP process...

CVSS 6.8 | AI score 5.9 | EPSS 0.01661
Exploits: 0 | References: 1

Cisco • added 2017/05/17 4:00 p.m. • 39 views

Cisco Identity Services Engine GUI Denial of Service Vulnerability

A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device where the ISE GUI may fail to respond to new or established connection requests. The...

CVSS 5.3 | AI score 7.6 | EPSS 0.02139
Exploits: 0 | References: 1

Cisco • added 2017/02/01 4:00 p.m. • 39 views

Cisco Email Security Appliance Malformed MIME Header Filtering Bypass Vulnerability

A vulnerability in the Multipurpose Internet Mail Extensions MIME scanner of Cisco AsyncOS Software for Cisco Email Security Appliances ESA could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to improper error handling of a...

CVSS 5.8 | AI score 5.7 | EPSS 0.02239
Exploits: 0 | References: 1

Cisco • added 2016/12/07 4:00 p.m. • 39 views

Cisco Firepower Management Center and Cisco FireSIGHT System Software Malicious Software Detection Bypass Vulnerability

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. The vulnerability is due to the incorrect...

CVSS 5 | AI score 7.6 | EPSS 0.01957
Exploits: 0 | References: 1

Cisco • added 2016/10/05 4:00 p.m. • 39 views

Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability

A vulnerability in the SSH subsystem of the Cisco Nexus family of products could allow an authenticated, remote attacker to bypass authentication, authorization, and accounting AAA restrictions. The vulnerability is due to the improper processing of certain parameters that are passed to an affect...

CVSS 9 | AI score 7.9 | EPSS 0.01959
Exploits: 0 | References: 1

Cisco • added 2016/08/17 4:00 p.m. • 39 views

Cisco Firepower Management Center Privilege Escalation Vulnerability

A vulnerability in the web-based GUI of Cisco Firepower Management Center and Cisco Adaptive Security Appliance ASA 5500-X Series with FirePOWER Services could allow an authenticated, remote attacker to elevate the privileges of user accounts on the affected device. The vulnerability is due to...

CVSS 9 | AI score 8.6 | EPSS 0.02399
Exploits: 0 | References: 1

Cisco • added 2016/06/27 6:40 p.m. • 39 views

Cisco Web Security Appliance Native FTP Denial of Service Vulnerability

A vulnerability in the native pass-through FTP functionality of the Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to cause a partial denial of service DoS condition due to high CPU utilization. The vulnerability is due to how the FTP client terminates the FTP...

CVSS 5 | AI score 5.2 | EPSS 0.01251
Exploits: 0 | References: 1

Cisco • added 2016/04/28 12:00 a.m. • 39 views

Cisco WebEx Meetings Server Open Redirect Vulnerability

A vulnerability in the Cisco WebEx Meetings Server CWMS web interface could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the parameters in the HTTP request. An attacker could exploit this...

CVSS 4.3 | AI score 7.4 | EPSS 0.01321
Exploits: 0 | References: 1

Cisco • added 2016/01/15 10:23 p.m. • 39 views

Cisco Adaptive Security Appliance Information Disclosure Vulnerability

A vulnerability in the Cisco Adaptive Security Appliance ASA could allow an unauthenticated, remote attacker to access sensitive data, including the ASA Software version that is currently running on the appliance. The vulnerability occurs because the Cisco ASA does not sufficiently protect...

CVSS 5 | AI score 5.3 | EPSS 0.01961
Exploits: 0 | References: 1

Cisco • added 2016/01/13 4:00 p.m. • 39 views

Cisco Identity Services Engine Unauthorized Access Vulnerability

A vulnerability in the Admin portal of devices running Cisco Identity Services Engine ISE software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. An attacker who can connect to the Admin portal of an affected device could potentially exploit thi...

CVSS 10 | AI score 9.7 | EPSS 0.0302
Exploits: 0 | References: 1

Cisco • added 2015/12/24 6:30 p.m. • 39 views

Cisco Jabber STARTTLS Downgrade Vulnerability

A vulnerability in the Cisco Jabber client could allow an unauthenticated, remote attacker to perform a STARTTLS downgrade attack. The vulnerability exists because the client does not verify that an Extensible Messaging and Presence Protocol XMPP connection has been established with Transport Lay...

CVSS 4.3 | AI score 5.6 | EPSS 0.01341
Exploits: 0 | References: 1

Cisco • added 2015/09/18 8:25 p.m. • 39 views

Cisco Unity Connection Web Interface SQL Injection Vulnerability

A vulnerability in the web interface of Cisco Unity Connection UC could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries. The vulnerability is due to a lack of input validation on user-supplied input in SQL queries. An attacker...

CVSS 6.5 | AI score 7.4 | EPSS 0.01592
Exploits: 0 | References: 1

Cisco • added 2015/08/17 2:34 p.m. • 39 views

Cisco NX-OS Internet Group Management Protocol Denial of Service Vulnerability

A vulnerability in the Internet Group Management Protocol version 3 IGMPv3 input packet processing of Cisco NX-OS could allow an unauthenticated, adjacent attacker to cause the IGMP process to restart due to a malformed IGMP packet, which could cause a denial of service DoS condition on the devic...

CVSS 6.1 | AI score 6.2 | EPSS 0.01116
Exploits: 0 | References: 1

Cisco • added 2015/06/12 7:25 p.m. • 39 views

Cisco IOS Software TCL Script Interpreter Privilege Escalation Vulnerability

A vulnerability in the Tool Command Language TCL script interpreter of Cisco IOS Software could allow an authenticated, local attacker to escalate privileges from those of a non-privileged user to a privileged level 15 user. This would allow a non-privileged user to execute privileged commands...

CVSS 6.9 | AI score 7 | EPSS 0.00436
Exploits: 0 | References: 1

Cisco • added 2015/04/08 4:00 p.m. • 39 views

Multiple Vulnerabilities in Cisco ASA Software

Cisco Adaptive Security Appliance ASA Software is affected by the following vulnerabilities: Cisco ASA Failover Command Injection Vulnerability Cisco ASA DNS Memory Exhaustion Vulnerability Cisco ASA VPN XML Parser Denial of Service Vulnerability Successful exploitation of the Cisco ASA Failover...

CVSS 8.3 | AI score 7.1
Exploits: 0 | References: 1

Cisco • added 2015/03/11 4:00 p.m. • 39 views

Multiple Vulnerabilities in Cisco TelePresence Video Communication Server, Cisco Expressway, and Cisco TelePresence Conductor

Cisco TelePresence Video Communication Server VCS, Cisco Expressway and Cisco TelePresence Conductor contain the following vulnerabilities: SDP Media Description Denial of Service Vulnerability Authentication Bypass Vulnerability Successful exploitation of the SDP Media Description Denial of...

CVSS 10 | AI score 6.7 | EPSS 0.04341
Exploits: 0 | References: 1

Cisco • added 2015/01/27 3:40 p.m. • 39 views

Cisco 2900 Series Integrated Services Router Network-Based Application Recognition Denial of Service Vulnerability

A vulnerability in the Network-Based Application Recognition NBAR protocol process of the Cisco 2900 Series Integrated Services Router could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability occurs when the NBAR process locks. An attacker coul...

CVSS 7.1 | AI score 6.4 | EPSS 0.0234
Exploits: 0 | References: 1

Cisco • added 2014/01/08 7:52 p.m. • 39 views

Cisco Adaptive Security Appliance RADIUS Change of Authorization Message Replay Vulnerability

A vulnerability in RADIUS Change of Authorization CoA messages of the Identity Firewall IDFW feature of the Cisco Adaptive Security Appliance ASA could allow an unauthenticated, remote attacker to modify the contents of the IDFW user cache. The vulnerability is due to insufficient validation of...

CVSS 4.3 | AI score 6.4 | EPSS 0.01513
Exploits: 0 | References: 1

Cisco • added 2013/10/09 1:51 p.m. • 39 views

Cisco NX-OS Software Input Validation Vulnerability

A vulnerability in input parsing in Cisco NX-OS Software could allow an authenticated, local attacker to execute commands on the underlying operating system. The vulnerability is due to improper filtering of parameters passed to the Stream Editor sed filter. An attacker could exploit this...

CVSS 6.8 | AI score 2.3 | EPSS 0.00321
Exploits: 0 | References: 1

Cisco • added 2013/09/19 5:11 p.m. • 39 views

Cisco Unified Computing System Fabric Interconnect String Overflow Vulnerability

A vulnerability in the administrative web interface of the Cisco Unified Computing System could allow an authenticated, remote attacker to create a denial of service DoS condition. The vulnerability is due to improper parameter input validation. An attacker could exploit this vulnerability by...

CVSS 4 | AI score 2.1 | EPSS 0.01725
Exploits: 0 | References: 1

Cisco • added 2013/05/16 3:28 p.m. • 39 views

Cisco Secure Access Control System Session Fixation Web Vulnerability

A vulnerability in the web interface of Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to acquire the session identifier of another user's session. The vulnerability is due to the lack of session identifier regeneration. An attacker could exploit this...

CVSS 6.8 | AI score 2.1 | EPSS 0.01209
Exploits: 0 | References: 1

Cisco • added 2013/04/24 4:00 p.m. • 39 views

Cisco Device Manager Command Execution Vulnerability

Cisco Device Manager contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands on a client host with the privileges of the user. This vulnerability affects Cisco Device Manager for the Cisco MDS 9000 Family and Cisco Nexus 5000 Series Switches whe...

CVSS 9.3 | AI score 7.4 | EPSS 0.02409
Exploits: 0 | References: 1

Cisco • added 2012/11/09 3:00 a.m. • 39 views

Cisco IronPort Appliances Sophos Anti-Virus Vulnerabilities

Cisco IronPort Email Security Appliances ESA and Cisco IronPort Web Security Appliances WSA include versions of Sophos Anti-Virus that contain multiple vulnerabilities that could allow an unauthenticated, remote attacker to gain control of the system, escalate privileges, or cause a...

CVSS 9.7 | AI score 8
Exploits: 0 | References: 1

Cisco • added 2012/06/27 4:00 p.m. • 39 views

Buffer Overflow Vulnerabilities in the Cisco WebEx Player

The Cisco WebEx Recording Format WRF player contains four buffer overflow vulnerabilities and the Cisco Advanced Recording Format ARF player contains one buffer overflow vulnerability. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on th...

CVSS 9.3 | AI score 7.7 | EPSS 0.03911
Exploits: 1 | References: 1

Cisco • added 2011/09/28 4:00 p.m. • 39 views

Cisco IOS Software IPS and Zone Based Firewall Vulnerabilities

Cisco IOS Software contains two vulnerabilities related to Cisco IOS Intrusion Prevention System IPS and Cisco IOS Zone-Based Firewall features. These vulnerabilities are: Memory leak in Cisco IOS Software Cisco IOS Software Denial of Service when processing specially crafted HTTP packets Cisco h...

CVSS 7.8 | AI score 6.5
Exploits: 0 | References: 1

Cisco • added 2011/09/28 4:00 p.m. • 39 views

Cisco IOS Software IP Version 6 over Multiprotocol Label Switching Vulnerabilities

Cisco IOS Software is affected by two vulnerabilities that cause a Cisco IOS device to reload when processing IP version 6 IPv6 packets over a Multiprotocol Label Switching MPLS domain. These vulnerabilities are: Crafted IPv6 Packet May Cause MPLS-Configured Device to Reload ICMPv6 Packet May Cau...

CVSS 7.8 | AI score 6.4
Exploits: 0 | References: 1

Cisco • added 2009/01/14 4:00 p.m. • 39 views

IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

AI score 5.9
Exploits: 0 | References: 1

Cisco • added 2008/01/23 4:00 p.m. • 39 views

Default Passwords in the Application Velocity System

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

CVSS 10 | AI score 6.2 | EPSS 0.02237
Exploits: 0 | References: 1

Cisco • added 2008/01/23 4:00 p.m. • 39 views

Cisco PIX and ASA Time-to-Live Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

CVSS 7.8 | AI score 6.2 | EPSS 0.01985
Exploits: 0 | References: 1

Cisco • added 2003/12/15 4:00 p.m. • 39 views

Cisco PIX Vulnerabilities

...

CVSS 7.8 | AI score 1.9 | EPSS 0.01378
Exploits: 0 | References: 1 | Affected Software: 2

Cisco • added 2023/11/15 4:00 p.m. • 38 views

Cisco AppDynamics PHP Agent Privilege Escalation Vulnerability

A vulnerability in the installer script of Cisco AppDynamics PHP Agent could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient permissions that are set by the PHP Agent Installer on the PHP Agent install directory. An...

CVSS 6.3 | AI score 6.7 | EPSS 0.00189
Exploits: 0 | References: 1

Cisco • added 2023/11/15 4:00 p.m. • 38 views

Cisco Secure Client Software Denial of Service Vulnerabilities

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

CVSS 5.5 | AI score 5.6
Exploits: 0 | References: 1

Cisco • added 2023/09/27 4:00 p.m. • 38 views

Cisco IOS XE Software for Wireless LAN Controllers Wireless Network Control Denial of Service Vulnerability

A vulnerability in the Wireless Network Control daemon wncd of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition. This vulnerability is due to improper memory management. An attacker could exploit this...

CVSS 6.1 | AI score 6.4 | EPSS 0.00238
Exploits: 0 | References: 1

Cisco • added 2023/06/21 4:00 p.m. • 38 views

Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance ESA; and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance WSA, could allow a remote...

CVSS 6.1 | AI score 6 | EPSS 0.00508
Exploits: 0 | References: 1

Cisco • added 2023/03/08 4:00 p.m. • 38 views

Cisco IOS XR Software for ASR 9000 Series Routers Bidirectional Forwarding Detection Denial of Service Vulnerability

A vulnerability in the bidirectional forwarding detection BFD hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote...

CVSS 8.6 | AI score 1.5 | EPSS 0.01046
Exploits: 0 | References: 1

Cisco • added 2022/11/02 4:00 p.m. • 38 views

Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Email Security Appliance ESA, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance WSA, could allow an authenticated, remote attacker to retrieve sensitive information from...

CVSS 6.5 | AI score 6.2 | EPSS 0.00891
Exploits: 0 | References: 1

Cisco • added 2022/09/28 4:00 p.m. • 38 views

Cisco IOS XE Software IPv6 VPN over MPLS Denial of Service Vulnerability

A vulnerability in the implementation of IPv6 VPN over MPLS 6VPE with Zone-Based Firewall ZBFW of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling of an IP...

CVSS 7.4 | AI score 7.3 | EPSS 0.0028
Exploits: 0 | References: 1

Cisco • added 2022/07/06 4:00 p.m. • 38 views

Cisco Smart Software Manager On-Prem Denial of Service Vulnerability

A vulnerability in Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to incorrect handling of multiple simultaneous device registrations on Cisco SSM On-Prem. A...

CVSS 7.7 | AI score 2.6 | EPSS 0.00875
Exploits: 0 | References: 1

Cisco • added 2022/07/06 4:00 p.m. • 38 views

Cisco Unified Communications Products Access Control Vulnerability

A vulnerability in the Disaster Recovery framework of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, and Cisco Unity Connection could allow an authenticated, remote attacker to perform certain administrative actions the...

CVSS 6.5 | AI score 7.5 | EPSS 0.01073
Exploits: 0 | References: 1

Cisco • added 2022/07/06 4:00 p.m. • 38 views

Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability

A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint CE and RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to the storage of certain unencrypted credentials...

CVSS 4.9 | AI score 4.9 | EPSS 0.0082
Exploits: 0 | References: 1

Cisco • added 2022/05/20 4:00 p.m. • 38 views

Cisco IOS XR Software Health Check Open Port Vulnerability

A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attack...

CVSS 6.5 | AI score 6.8 | EPSS 0.1176
Exploits: 0 | References: 1

Cisco • added 2022/05/04 4:00 p.m. • 38 views

Cisco Small Business RV Series Routers Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to...

CVSS 4.7 | AI score 6.4 | EPSS 0.01923
Exploits: 0 | References: 1

Cisco • added 2021/11/17 4:00 p.m. • 38 views

Cisco Common Services Platform Collector Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...

CVSS 5.5 | AI score 1.7 | EPSS 0.00699
Exploits: 0 | References: 1

Cisco • added 2021/11/03 4:00 p.m. • 38 views

Cisco Small Business Series Switches Session Credentials Replay Vulnerability

A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device. This...

CVSS 8.1 | AI score 8.1 | EPSS 0.01617
Exploits: 0 | References: 1

Cisco • added 2021/09/22 4:00 p.m. • 38 views

Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI...

CVSS 6.7 | AI score 6.8 | EPSS 0.00346
Exploits: 0 | References: 1

Cisco • added 2020/11/18 4:00 p.m. • 38 views

Cisco IoT Field Network Director SOAP API Authorization Bypass Vulnerability

A vulnerability in the SOAP API of Cisco IoT Field Network Director FND could allow an authenticated, remote attacker to access and modify information on devices that belong to a different domain. The vulnerability is due to insufficient authorization in the SOAP API. An attacker could exploit th...

CVSS 8.7 | AI score 1.9 | EPSS 0.01
Exploits: 0 | References: 1

Total number of security vulnerabilities: 5000