Cisco IOS Software and Cisco IOS XE Software Crafted RADIUS Packet Denial of Service Vulnerability

A vulnerability in Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper processing of crafted RADIUS packets by a device running the affected software. An authenticated, remote...

Cisco Unified Communications Domain Manager Administrative Interface Denial of Service Vulnerability

A vulnerability in Cisco Unified Communication Domain Manager UCDM Application Software version 10 could allow an unauthenticated, remote attacker to cause the web server to become unresponsive. As a result, connections to the Cisco UCDM GUI will not be possible during the attack. The vulnerabili...

Cisco WebEx Meetings Server Information Disclosure Vulnerability

A vulnerability in the file URI scheme of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive information. The vulnerability is due to inclusion of sensitive information in URLs. An attacker could exploit the vulnerability by viewing application URL...

Cisco WebEx MeetMeNow Server Directory Traversal Vulnerability

A vulnerability in a PHP file in the Cisco WebEx MeetMeNow Server could allow an authenticated, remote attacker to obtain the contents of arbitrary files on an affected device. The vulnerability is due to improper sanitization of user input. An exploit could allow the attacker to view the content...

Multiple Vulnerabilities in Cisco NX-OS-Based Products

Cisco Nexus, Cisco Unified Computing System UCS, and Cisco 1000 Series Connected Grid Routers CGR are all based on the Cisco NX-OS operating system. These products are affected by one or more of the following vulnerabilities: Cisco NX-OS Virtual Device Context SSH Privilege Escalation Vulnerabili...

Cisco IOS Software Internet Key Exchange Version 2 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange Version 2 IKEv2 module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of the affected device that would lead to a denial of service DoS condition. The vulnerability is due to how an...

Cisco Unified Communications Manager Real Time Monitoring Tool Information Disclosure Vulnerability

A vulnerability in Real Time Monitoring Tool RTMT web application of Cisco Unified Communications Manager Cisco Unified CM could allow an unauthenticated, remote attacker to access several files related to the RTMT application. The vulnerability is due to insufficient authentication enforcement. ...

Cisco Unified Communications Manager WAR File Availability Vulnerability

A vulnerability in the availability of Cisco Unified Communications Manager UCM web archive WAR files could allow an unauthenticated, remote attacker to access the files. The vulnerability is due to missing authentication requirements on locations that store WAR files. An attacker could exploit...

Cisco Unified Computing System Fabric Interconnect Arbitrary File Access Vulnerability

A vulnerability in the local file editor of the Cisco Unified Computing System fabric interconnect could allow an authenticated, local attacker to access arbitrary files on the userland filesystem with root privileges. The vulnerability is due to improper input filtering . An attacker could explo...

Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability

A vulnerability in the implementation of the virtual fragmentation reassembly VFR feature for IP version 6 IPv6 in Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to hang or reload, resulting in a denial of service DoS condition. The vulnerability is...

Cisco Open Network Environment Platform Unvalidated Pointer Vulnerability

A vulnerability in the Open Network Environment Platform ONEP could allow an authenticated, remote attacker to cause the network element to reload. The vulnerability is due to insufficient pointer validation. An attacker could exploit this vulnerability by sending a crafted packet to an ONEP...

Cisco TelePresence Management Suite SNMP Denial of Service Vulnerability

A vulnerability in the 64-bit SNMP server of Cisco TelePresence Management Suite TMS could allow an unauthenticated, remote attacker to terminate the TMSSNMPService.exe process. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by sending SNMP tra...

Cisco IOS XR Software SNMP Memory Leak Vulnerability

A vulnerability in the SNMP module of Cisco IOS XR could allow an authenticated, remote attacker to trigger a memory leak in the SNMP process. The vulnerability is due to insufficient checking of data input. An attacker could exploit this vulnerability by sending crafted SNMP packets to the devic...

Multiple Vulnerabilities in Cisco NX-OS-Based Products

Cisco Nexus, Cisco Unified Computing System UCS, Cisco MDS 9000 Series Multilayer Switches, and Cisco 1000 Series Connected Grid Routers CGR are all based on the Cisco NX-OS operating system. These products are affected by one or more of the following vulnerabilities: Multiple Cisco Discovery...

Cisco ASA Clientless SSL VPN CIFS Denial of Service Vulnerability

A vulnerability in the implementation of the rewriter module of the Cisco Adaptive Security Appliance ASA Clientless SSL VPN could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to a race condition while accessing resources via the Commo...

Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability

Cisco Secure Access Control System ACS contains a vulnerability that could allow an unauthenticated, remote attacker to bypass TACACS+ based authentication service offered by the affected product. The vulnerability is due to improper validation of the user-supplied password when TACACS+ is the...

Cisco IronPort Web Security Appliance AsyncOS SSL Certificate Caching Vulnerability

Cisco IronPort Web Security Appliance AsyncOS software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct man-in-the-middle attacks against a targeted system. The vulnerability is in the insecure SSL implementation of the affected operating system due to...

Cisco Secure Desktop Remote Cross-Site Scripting Vulnerability

Cisco Secure Desktop contains a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to a lack of input sanitation in the Cisco Secure Desktop. An unauthenticated, remote attacker could exploit this vulnerability by...

Cisco IOS cTCP Denial of Service Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cisco IOS NAT Skinny Call Control Protocol Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Default Passwords in the Application Velocity System

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cisco IOS Next Hop Resolution Protocol Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cisco Telnet Denial of Service Vulnerability

A specifically crafted Transmission Control Protocol TCP connection to a telnet or reverse telnet port of a Cisco device running Internetwork Operating System IOS® may block further telnet, reverse telnet, Remote Shell RSH, Secure Shell SSH, and in some cases Hypertext Transport Protocol HTTP...

Cisco VPN 5000 Series Concentrator RADIUS PAP Authentication Vulnerability

...

Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Vulnerabilities

Multiple vulnerabilities in Cisco IP Phone firmware could allow an unauthenticated, remote attacker to cause a denial of service DoS condition, gain unauthorized access, or view sensitive information on an affected system. For more information about these vulnerabilities, see the Details "details...

Cisco Catalyst Center Authorization Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to change specific data within the interface on an affected device. This vulnerability is due to insufficient authorization enforcement. An...

Cisco Access Point Software Denial of Service Vulnerability

A vulnerability in the IP packet processing of Cisco Access Point AP Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could...

Cisco Firepower Threat Defense Software Snort 3 Geolocation IP Filter Bypass Vulnerability

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability b...

Cisco Unified Communications Manager SQL Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This...

Cisco Identity Services Engine Path Traversal Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an attacker must have valid...

Cisco BroadWorks Network Server TCP Denial of Service Vulnerability

A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service DoS condition. This vulnerability exists because rate limiting does not occur for certain incoming TCP connections. An...

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow a remote attacker to obtain privileged information and conduct cross-site scripting XSS and cross-site request forgery CSRF attacks. For mor...

Cisco Secure Network Analytics Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability

A vulnerability in the deterministic random bit generator DRBG, also known as pseudorandom number generator PRNG, in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls could allow an...

Cisco Firepower Management Center and Firepower Threat Defense Software SSH Denial of Service Vulnerability

A vulnerability in the processing of SSH connections of Cisco Firepower Management Center FMC and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper err...

Cisco Firepower Threat Defense Software Generic Routing Encapsulation Denial of Service Vulnerability

A vulnerability in the generic routing encapsulation GRE tunnel decapsulation feature of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to a memory handling err...

Vulnerability in NVIDIA Data Plane Development Kit Affecting Cisco Products: August 2022

On August 29, 2022, NVIDIA announced the following vulnerability with a medium impact: CVE-2022-28199: Security Bulletin: NVIDIA Data Plane Development Kit MLNXDPDK - August 2022 For a description of this vulnerability, see Security Bulletin: NVIDIA Data Plane Development Kit MLNXDPDK - August 20...

Cisco IoT Control Center Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IoT Control Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly...

Cisco Firepower Threat Defense Software DNS Enforcement Denial of Service Vulnerability

A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement...

Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an attacker to execute a cross-site scripting XSS attack or an open redirect attack. For more information about these vulnerabilities, see the Details "details" section of...

Cisco TelePresence Collaboration Endpoint and RoomOS Software Denial of Service Vulnerability

It was previously published that a vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory segment, resulting in a denial of service DoS condition. This...

Cisco AnyConnect Secure Mobility Client for Windows Arbitrary File Read Vulnerability

A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to read arbitrary files on the underlying operating system of an affected device. The vulnerability is due to an exposed IPC function. ...

Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers Multicast DNS Denial of Service Vulnerability

A vulnerability in the multicast DNS mDNS feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper validation of mDNS packets. An attacker...

Cisco IOS XE Software Web UI Improper Input Validation Vulnerability

A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticated, remote attacker to crash the web server on the device. The vulnerability is due to insufficient input validation during authentication. An attacker could exploit this vulnerability by entering...

Cisco Small Business RV340 Series Routers Command Injection and Remote Code Execution Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system OS as a restricted user. For more information about these vulnerabilities, s...

Cisco NX-OS Software Call Home Command Injection Vulnerability

A vulnerability in the Call Home feature of Cisco NX-OS Software could allow an authenticated, remote attacker to inject arbitrary commands that could be executed with root privileges on the underlying operating system OS. The vulnerability is due to insufficient input validation of specific Call...

Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Memory Leak Vulnerability

A vulnerability in the Cisco Discovery Protocol of Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service DoS condition on an affected device. The vulnerability is due to incorrect processin...

Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability

A vulnerability in Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to elevate privileges and execute commands with higher privileges. The vulnerability is due to insufficient authorization of the System Operator role capabilities. An attacker could...

Cisco TelePresence Collaboration Endpoint and RoomOS Software Command Injection Vulnerability

A vulnerability in the software upgrade process of Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software could allow an authenticated, remote attacker to modify the filesystem to cause a denial of service DoS or gain privileged access to the root filesystem. The vulnerabili...

Cisco Firepower Threat Defense Software Management Interface Denial of Service Vulnerability

A vulnerability in how Cisco Firepower Threat Defense FTD Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service DoS condition...