
5224 matches found

Cisco
added 2018/05/02 4:0 p.m., 36 views

Cisco WebEx Advanced Recording Format Remote Code Execution Vulnerability

A vulnerability in the Cisco WebEx Network Recording Player for Advanced Recording Format ARF files could allow an unauthenticated, remote attacker to execute arbitrary code on the system of a targeted user. An attacker could exploit this vulnerability by sending the user a link or email attachme...

9.6 CVSS, 9.6 AI score, 0.03247 EPSS
Exploits 0, References 1

Cisco
added 2018/04/18 4:0 p.m., 36 views

Cisco AMP for Endpoints macOS Connector DMG File Malware Bypass Vulnerability

A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection AMP for Endpoints macOS Connector could allow an unauthenticated, remote attacker to bypass malware detection. The vulnerability occurs because the software relies on only the file extension for detectin...

5.8 CVSS, 1.4 AI score, 0.01221 EPSS
Exploits 0, References 1

Cisco
added 2018/03/07 4:0 p.m., 36 views

Cisco Secure Access Control Server XML External Entity Injection Vulnerability

A vulnerability in the web-based user interface of the Cisco Secure Access Control Server could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system. The vulnerability is due to improper handling of XML External Entities XXEs when parsing an...

5.3 CVSS, 1.4 AI score, 0.01526 EPSS
Exploits 0, References 1

Cisco
added 2018/01/17 4:0 p.m., 36 views

Cisco Policy Suite Unauthenticated Information Disclosure Vulnerability

A vulnerability in the Policy and Charging Rules Function PCRF of the Cisco Policy Suite CPS could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The attacker would also have to have access ...

7.5 CVSS, 1.2 AI score, 0.0103 EPSS
Exploits 0, References 1

Cisco
added 2017/11/29 4:0 p.m., 36 views

Cisco NX-OS System Software Patch Installation Arbitrary File Write Vulnerability

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installin...

4.4 CVSS, 4.6 AI score, 0.00325 EPSS
Exploits 0, References 1

Cisco
added 2017/10/18 4:0 p.m., 36 views

Cisco WebEx Meetings Server Denial of Service Vulnerability

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to insufficient limitations on the number of connections that can be made to the affected software. An attacker could exploit this...

5.8 CVSS, 8.5 AI score, 0.02297 EPSS
Exploits 0, References 1

Cisco
added 2017/09/27 4:0 p.m., 36 views

Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerabilities

Multiple vulnerabilities in the implementation of the Common Industrial Protocol CIP feature in Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerabilities are due to the improper...

8.6 CVSS, 2.2 AI score
Exploits 0, References 1

Cisco
added 2017/09/27 4:0 p.m., 36 views

Cisco IOS Software for Cisco Catalyst 6800 Series Switches VPLS Denial of Service Vulnerability

A vulnerability in the Virtual Private LAN Service VPLS code of Cisco IOS Software for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service DoS condition. The...

7.4 CVSS, 6.6 AI score, 0.02034 EPSS
Exploits 0, References 1

Cisco
added 2017/09/06 4:0 p.m., 36 views

Cisco Firepower Management Center Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

6.1 CVSS, 6 AI score, 0.00868 EPSS
Exploits 0, References 1

Cisco
added 2017/09/06 4:0 p.m., 36 views

Cisco Yes Set-Top Box Denial of Service vulnerability

A vulnerability in the HTTP remote procedure call RPC service of set-top box STB receivers manufactured by Cisco for Yes could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability exists because the firmware of an affected...

7.5 CVSS, 7.6 AI score, 0.01738 EPSS
Exploits 0, References 1

Cisco
added 2017/09/06 4:0 p.m., 36 views

Cisco IOS and Cisco IOS XE Software IPv6 SNMP Message Handling Denial of Service Vulnerability

A vulnerability in the IPv6 Simple Network Management Protocol SNMP code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause high CPU usage or a reload of the device. The vulnerability is due to IPv6 sub block corruption. An attacker could exploit this...

6.3 CVSS, 5.3 AI score, 0.01647 EPSS
Exploits 0, References 1

Cisco
added 2017/08/16 4:0 p.m., 36 views

Cisco Prime Infrastructure HTML Injection Vulnerability

A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to modify a page in the web interface of the affected application. The vulnerability is due to improper sanitization of parameter values by the affected application. An...

5.4 CVSS, 5.6 AI score, 0.00891 EPSS
Exploits 0, References 1

Cisco
added 2017/08/16 4:0 p.m., 36 views

Cisco StarOS for ASR 5000 Series Routers Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to admin-level privileges. The vulnerability is due to incorrect permissions that are given to a set o...

5.7 CVSS, 5.8 AI score, 0.00345 EPSS
Exploits 0, References 1

Cisco
added 2017/07/05 4:0 p.m., 36 views

Cisco Ultra Services Framework UAS Unauthenticated Access Vulnerability

A vulnerability in the Ultra Automation Service UAS of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device. The vulnerability is due to an insecure default configuration of the Apache ZooKeeper service used by the...

9.1 CVSS, 9.4 AI score, 0.01555 EPSS
Exploits 0, References 1

Cisco
added 2017/07/05 4:0 p.m., 36 views

Cisco Identity Services Engine Guest Portal Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected device. The vulnerability is due to insufficient...

5.4 CVSS, 5.3 AI score, 0.00891 EPSS
Exploits 0, References 1

Cisco
added 2017/05/17 4:0 p.m., 36 views

Cisco UCS C-Series Rack Servers TCP Port Denial of Service Vulnerability

A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient rate-limiting protection. An attacker could exploit this...

5.8 CVSS, 7.5 AI score, 0.02139 EPSS
Exploits 0, References 1

Cisco
added 2017/04/19 4:0 p.m., 36 views

Cisco FindIT Network Probe Information Disclosure Vulnerability

A vulnerability in the file-download feature of the web user interface for Cisco FindIT Network Probe Software could allow an authenticated, remote attacker to download and view any system file by using the affected software. The vulnerability is due to the absence of role-based access control RB...

6.5 CVSS, 6.5 AI score, 0.01738 EPSS
Exploits 0, References 1

Cisco
added 2017/02/15 4:0 p.m., 36 views

Cisco AsyncOS Software for Cisco ESA Filtering Bypass Vulnerability

A vulnerability in the Multipurpose Internet Mail Extensions MIME scanner of Cisco AsyncOS Software for Cisco Email Security Appliances ESA could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to improper error handling of a...

5.8 CVSS, 5.7 AI score, 0.01935 EPSS
Exploits 0, References 1

Cisco
added 2017/02/01 4:0 p.m., 36 views

Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance Command Shell Injection Vulnerability

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. The vulnerability is due to insufficie...

5.3 CVSS, 5.8 AI score, 0.00345 EPSS
Exploits 0, References 1

Cisco
added 2017/01/25 4:0 p.m., 36 views

Cisco Expressway Series and TelePresence VCS Denial of Service Vulnerability

A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service DoS condition. The vulnerability is du...

8.6 CVSS, 8.7 AI score, 0.03491 EPSS
Exploits 0, References 1

Cisco
added 2017/01/25 4:0 p.m., 36 views

Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability

A vulnerability in the data plane IP fragment handler of the Adaptive Security Appliance ASA CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service DoS condition. The...

8.6 CVSS, 8.5 AI score, 0.02662 EPSS
Exploits 0, References 1

Cisco
added 2017/01/18 4:0 p.m., 36 views

Cisco ASR 5000 Software ipsecmgr Process IKE Packet Parsing Denial of Service Vulnerability

A vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attacker to cause the ipsecmgr process to reload. The vulnerability is due to a logical error while parsing IKE packets. An attacker could exploit this vulnerability by submitting malformed I...

5.3 CVSS, 5.3 AI score, 0.02943 EPSS
Exploits 0, References 1

Cisco
added 2016/12/07 4:0 p.m., 36 views

Cisco IOS Frame Forwarding Denial of Service Vulnerability

A vulnerability in Cisco IOS on Catalysts Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm. The vulnerability occurs because the software forwards Layer 2 frames that should be consumed by the first hop. An attacker could...

6.1 CVSS, 6.4 AI score, 0.00641 EPSS
Exploits 0, References 1

Cisco
added 2016/11/16 4:0 p.m., 36 views

Cisco ASR 5000 Series ipsecmgr Service Denial of Service Vulnerability

A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service DoS condition. The vulnerability is due to...

5 CVSS, 7.5 AI score, 0.02585 EPSS
Exploits 0, References 1

Cisco
added 2016/11/02 4:0 p.m., 36 views

Cisco Meeting Server Session Description Protocol Media Lines Buffer Overflow Vulnerability

A vulnerability in the Session Description Protocol SDP parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software performs incomplete input validation of the size of media...

7.5 CVSS, 10 AI score, 0.03984 EPSS
Exploits 0, References 1

Cisco
added 2016/11/02 4:0 p.m., 36 views

Cisco TelePresence Endpoints Local Command Injection Vulnerability

Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. The vulnerability is due to incomplete input sanitization of some commands. An attacker could exploit this...

4.6 CVSS, 6 AI score, 0.00739 EPSS
Exploits 0, References 1

Cisco
added 2016/09/07 4:0 p.m., 36 views

Cisco Firepower Management Center and FireSIGHT System Software Malware Bypass Vulnerability

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. The vulnerability is due to improper input...

5 CVSS, 5.3 AI score, 0.01244 EPSS
Exploits 0, References 1

Cisco
added 2016/08/17 4:0 p.m., 36 views

Cisco Firepower Management Center Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation for some of t...

4.3 CVSS, 6.1 AI score, 0.0085 EPSS
Exploits 0, References 1

Cisco
added 2016/06/30 5:30 p.m., 36 views

Cisco Configuration Assistant Request Processing Unauthorized Access Vulnerability

A vulnerability in Cisco Configuration Assistant CCA could allow an unauthenticated, remote attacker to access sensitive file systems and administrative endpoints without user authentication. The vulnerability is due to lack of controller mechanisms and input validation checks. An attacker could...

5.8 CVSS, 8.4 AI score, 0.0112 EPSS
Exploits 0, References 1

Cisco
added 2016/05/31 10:30 a.m., 36 views

Cisco ESA and WSA AMP ClamAV Denial of Service Vulnerability

A vulnerability in the Clam AntiVirus ClamAV software that is used by Cisco Advance Malware Protection AMP for Cisco Email Security Appliances ESAs and Cisco Web Security Appliances WSAs could allow an unauthenticated, remote attacker to cause the AMP process to restart. The vulnerability is due ...

5 CVSS, 7.3 AI score, 0.03406 EPSS
Exploits 0, References 1

Cisco
added 2016/04/28 12:0 a.m., 36 views

Cisco WebEx Meetings Server Open Redirect Vulnerability

A vulnerability in the Cisco WebEx Meetings Server CWMS web interface could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the parameters in the HTTP request. An attacker could exploit this...

4.3 CVSS, 7.4 AI score, 0.01321 EPSS
Exploits 0, References 1

Cisco
added 2016/03/23 4:0 p.m., 36 views

Cisco IOS and NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability

A vulnerability in the Locator/ID Separation Protocol LISP of Cisco IOS Software running on the Cisco Catalyst 6500 and 6800 Series Switches and Cisco NX-OS Software running on the Cisco Nexus 7000 and Nexus 7700 Series Switches with an M1 Series Gigabit Ethernet Module could allow an...

7.8 CVSS, 7.7 AI score, 0.03717 EPSS
Exploits 0, References 1

Cisco
added 2016/02/15 2:0 p.m., 36 views

Cisco IOS Software for Cisco Industrial Ethernet 2000 Series Switches Denial of Service Vulnerability

A vulnerability in the processing of Cisco Discovery Protocol CDP packets by Cisco IOS Software for Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, adjacent attacker to cause an affected device to reload. The vulnerability is due to improper processing of crafted CD...

6.1 CVSS, 6.4 AI score, 0.0073 EPSS
Exploits 0, References 1

Cisco
added 2015/12/10 12:0 a.m., 36 views

Cisco Unified Computing System 6200 Series Fabric Interconnect Series Switch DoS Vulnerability

A vulnerability in the SSH management interface of the Cisco Unified Computing System UCS 6200 Series Fabric Interconnect Series Switch could allow an unauthenticated, remote attacker to cause a denial of service DoS condition because a fabric interconnect interface might not boot completely up o...

5.4 CVSS, 6.8 AI score, 0.02333 EPSS
Exploits 0, References 1

Cisco
added 2015/12/09 4:0 p.m., 36 views

Cisco Prime Collaboration Assurance Default Account Credential Vulnerability

A vulnerability in Cisco Prime Collaboration Assurance PCA Software could allow an unauthenticated, remote attacker to log in to the system shell with the default cmuser user account and access the shell with a limited set of permissions. The vulnerability is due to an undocumented account that h...

9 CVSS, 6.6 AI score, 0.02601 EPSS
Exploits 0, References 1

Cisco
added 2015/12/02 12:0 a.m., 36 views

Cisco Unity Connection Cross-Site Scripting Vulnerability

A vulnerability in the HTTP web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to insufficient input validation...

4.3 CVSS, 5.7 AI score, 0.0136 EPSS
Exploits 0, References 1

Cisco
added 2015/11/17 9:46 p.m., 36 views

Cisco Firepower 9000 Series Switch Clickjacking Vulnerability

A vulnerability in the web interface of the Cisco Firepower 9000 Series Switch could allow an unauthenticated, remote attacker to affect the integrity of the device through a clickjacking or phishing attack. The vulnerability is due to the lack of proper input sanitization of iFrame data in the HT...

5 CVSS, 6.6 AI score, 0.00838 EPSS
Exploits 0, References 1

Cisco
added 2015/10/26 10:0 a.m., 36 views

Cisco Unified Border Element Denial of Service Vulnerability

A vulnerability in the Session Initiation Protocol SIP functionality of Cisco Unified Border Element CUBE could allow an unauthenticated, remote attacker to trigger a denial of service DoS condition. The vulnerability is due to incorrect processing of SIP messages. An attacker could exploit this...

5 CVSS, 6.7 AI score, 0.01966 EPSS
Exploits 0, References 1

Cisco
added 2015/09/23 4:0 p.m., 36 views

Cisco IOS and IOS XE Software SSH Version 2 RSA-Based User Authentication Bypass Vulnerability

A vulnerability in the SSH version 2 SSHv2 protocol implementation of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass user authentication. Successful exploitation could allow the attacker to log in with the privileges of the user or the privileges configure...

9.3 CVSS, 6.7 AI score, 0.04388 EPSS
Exploits 0, References 1

Cisco
added 2015/09/18 2:17 p.m., 36 views

Cisco Secure Access Control Server SSH Login Denial of Service Vulnerability

A vulnerability in the Secure Shell SSH feature of the Cisco Secure Access Control Server ACS could allow an authenticated, remote attacker to cause a partial denial of service DoS condition due to the SSH screen process unexpectedly terminating. The vulnerability is due to improper input...

4 CVSS, 6.9 AI score, 0.0159 EPSS
Exploits 0, References 1

Cisco
added 2015/07/01 4:0 p.m., 36 views

Cisco Unified Communications Domain Manager Default Static Privileged Account Credentials

A vulnerability in the Cisco Unified Communications Domain Manager Platform Software could allow an unauthenticated, remote attacker to login with the privileges of the root user and take full control of the affected system. The vulnerability occurs because a privileged account has a default and...

10 CVSS, 6.7 AI score, 0.01948 EPSS
Exploits 0, References 1

Cisco
added 2015/05/26 6:46 p.m., 36 views

Cisco IP Phone 7861 Denial of Service Vulnerability

A vulnerability in the Cisco IP Phone 7861 could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper boundary restrictions when user-supplied input to the affected application is processed. An...

5.4 CVSS, 6.4 AI score, 0.01936 EPSS
Exploits 0, References 1

Cisco
added 2015/05/14 3:56 p.m., 36 views

Cisco Access Control Server File Inclusion Vulnerability

A vulnerability in Cisco Access Control Server ACS could allow an unauthenticated, remote attacker to perform a file inclusion attack. The vulnerability is due to improper input validation of certain parameters passed to an affected device. An attacker could exploit this vulnerability by convinci...

4.3 CVSS, 7 AI score, 0.0111 EPSS
Exploits 0, References 1

Cisco
added 2015/04/15 4:0 p.m., 36 views

Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability

A vulnerability in a Cisco-signed Java Archive JAR executable Cache Cleaner component of Cisco Secure Desktop could allow an unauthenticated, remote attacker to execute arbitrary commands on the client host where the affected .jar file is executed. Command execution would occur with the privilege...

9.3 CVSS, 7.4 AI score, 0.03074 EPSS
Exploits 0, References 1

Cisco
added 2015/03/25 4:0 p.m., 36 views

Cisco IOS Software Virtual Routing and Forwarding ICMP Queue Wedge Vulnerability

A vulnerability within the virtual routing and forwarding VRF subsystem of Cisco IOS software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to a failure to properly process malicious ICMP version 4 ICMPv4 messages received on ...

7.8 CVSS, 6.7 AI score, 0.01694 EPSS
Exploits 0, References 1

Cisco
added 2014/12/22 5:24 p.m., 36 views

Cisco Enterprise Content Delivery System Web Directory Traversal and Arbitrary File Access Vulnerability

A vulnerability in Cisco Enterprise Content Delivery System ECDS could allow an unauthenticated, remote attacker to conduct directory traversal attacks on a targeted system. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could...

5 CVSS, 6.5 AI score, 0.02863 EPSS
Exploits 0, References 1

Cisco
added 2014/11/05 8:22 p.m., 36 views

Cisco Unity Connection Information Disclosure Vulnerability

A vulnerability in the Unified Messaging Service UMS of Cisco Unity Connection could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to the inclusion of sensitive information in the logs. An attacker could exploit this vulnerability by viewing th...

6.8 CVSS, 6 AI score, 0.01638 EPSS
Exploits 0, References 1

Cisco
added 2014/09/24 4:0 p.m., 36 views

Cisco IOS Software Network Address Translation Denial of Service Vulnerability

A vulnerability in the Network Address Translation NAT feature of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper translation of IP version 4 IPv4 packets. Cisco has released...

7.1 CVSS, 6.7 AI score, 0.02365 EPSS
Exploits 0, References 1

Cisco
added 2014/04/28 4:44 p.m., 36 views

Cisco IOS XE Software Malformed L2TP Packet Vulnerability

A vulnerability in the Layer 2 Tunneling Protocol L2TP module of Cisco IOS XE on Cisco ASR 1000 Series Routers could allow an authenticated, remote attacker to cause a reload of the processing ESP card. The vulnerability occurs during the processing of a malformed L2TP packet. An attacker could...

6.3 CVSS, 6.4 AI score, 0.01319 EPSS
Exploits 0, References 1

Cisco
added 2014/03/26 4:0 p.m., 36 views

Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability

A vulnerability in the Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks models RSP720-3C-10GE and RSP720-3CXL-10GE could allow an unauthenticated, remote attacker to cause the route processor to reboot or stop forwarding traffic. The vulnerability is due to an issue i...

7.1 CVSS, 6.6 AI score, 0.01661 EPSS
Exploits 1, References 1

Total number of security vulnerabilities: 5000