Lucene search
K
CiscoMost viewed

5226 matches found

Cisco
Cisco
added 2016/06/03 12:0 a.m.35 views

Cisco IP 8800 Series Phones btcli Utility Command Injection Vulnerability

A vulnerability in a command-line interface CLI utility of the Cisco IP 8800 Series Phones could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted...

6.8CVSS8.1AI score0.0051EPSS
Exploits0References1
Cisco
Cisco
added 2016/05/25 4:0 p.m.35 views

Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability

A vulnerability in the IP Version 6 IPv6 packet processing functions of multiple Cisco products could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service DoS condition on the device. The vulnerability is due to...

5.8CVSS7.4AI score0.03823EPSS
Exploits0References1
Cisco
Cisco
added 2016/04/20 4:0 p.m.35 views

Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability

A vulnerability in the web-based management interface of Cisco Wireless LAN Controller WLC devices running Cisco AireOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to the...

7.8CVSS7.6AI score0.02082EPSS
Exploits0References1
Cisco
Cisco
added 2016/03/30 4:0 p.m.35 views

Cisco Firepower Malware Block Bypass Vulnerability

A vulnerability in the malicious file detection and blocking features of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. The vulnerability is due to improper input validation of fields in HTTP headers. A...

5CVSS7.6AI score0.01399EPSS
Exploits0References1
Cisco
Cisco
added 2016/01/15 11:0 a.m.35 views

Cisco FireSIGHT Management Center Stored Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web framework of Cisco FireSIGHT Management Center could allow an unauthenticated, remote attacker to execute a stored cross-site scripting XSS attack against a user of the Cisco FireSIGHT Management Center web interface. The vulnerabilities are due to improper...

4.3CVSS6.2AI score0.01122EPSS
Exploits0References1
Cisco
Cisco
added 2015/12/10 12:0 a.m.35 views

Cisco Videoscape Distribution Suite Service Manager Unauthorized Access Vulnerability

A vulnerability in the role-based access control RBAC for certain users of the Cisco Videoscape Distribution Suite Service Manager VDS-SM could allow an authenticated, remote attacker read and write access to an internal database that contains sensitive information. The vulnerability is due to la...

5.5CVSS6.4AI score0.00952EPSS
Exploits0References1
Cisco
Cisco
added 2015/12/08 12:0 a.m.35 views

Cisco Wireless Residential Gateway Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of the Cisco EPC3928 Wireless Residential Gateway could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to...

4.3CVSS7.1AI score0.0718EPSS
Exploits4References1
Cisco
Cisco
added 2015/11/30 12:0 a.m.35 views

Cisco IOS XE 3S Platforms Series root Shell License Bypass Vulnerability

A vulnerability in one of the diagnostic commands in the Cisco IOS XE operating system for Cisco IOS XE 3S platforms could allow an authenticated, privileged, local attacker to gain restricted root shell access. The root shell is provided for advanced troubleshooting with Cisco Technical Assistan...

6.8CVSS6.4AI score0.00383EPSS
Exploits1References1
Cisco
Cisco
added 2015/11/17 12:0 a.m.35 views

Cisco Firepower 9000 Command Injection at Management I/O Command-Line Interface Vulnerability

A vulnerability in the Management I/O MIO command-line interface CLI command execution of Cisco Firepower 9000 devices could allow an authenticated, local attacker to access the underlying operating system and execute commands at the root privilege level. The vulnerability is due to insufficient...

4.3CVSS7AI score0.00392EPSS
Exploits0References1
Cisco
Cisco
added 2015/11/04 4:0 p.m.35 views

Cisco Web Security Appliance Range Request Denial of Service Vulnerability

A vulnerability in the file-range request functionality of Cisco AsyncOS for Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an appliance because the appliance runs out of system memory. The vulnerability is due to a...

7.8CVSS6.7AI score0.01925EPSS
Exploits0References1
Cisco
Cisco
added 2015/10/08 1:30 p.m.35 views

Cisco Prime Collaboration Assurance SQL Injection Vulnerability

A vulnerability in web framework of Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to execute unauthorized SQL queries. The vulnerability is due to a failure to validate user-supplied input that is used in SQL queries. An attacker could exploit this vulnerabilit...

6.5CVSS7AI score0.01592EPSS
Exploits0References1
Cisco
Cisco
added 2015/10/07 8:51 p.m.35 views

Cisco TelePresence Video Communication Server Expressway File Modification Vulnerability

A vulnerability in the symbolic link operation of the Cisco TelePresence Video Communication Server VCS Expressway could allow an authenticated, local attacker to perform a symbolic link attack on the affected system. The vulnerability is due to insufficient protection of files. An attacker could...

4.4CVSS6.3AI score0.00355EPSS
Exploits0References1
Cisco
Cisco
added 2015/09/23 4:3 p.m.35 views

Cisco AnyConnect Secure Mobility Client for Linux and Mac OS X Privilege Escalation Vulnerability

A vulnerability in the code responsible for the self-updating feature of Cisco AnyConnect Secure Mobility Client for Linux and the Cisco AnyConnect Secure Mobility Client for Mac OS X could allow an authenticated, local attacker to execute an arbitrary executable file of its choosing with...

6.8CVSS6.4AI score0.01048EPSS
Exploits3References1
Cisco
Cisco
added 2015/07/09 9:6 p.m.35 views

Cisco Hosted Collaboration Solution Cross-Site Scripting Vulnerability

A vulnerability in Cisco Hosted Collaboration Solution could allow an unauthenticated, remote attacker to perform cross-site scripting XSS attacks. The vulnerability is due to insufficient validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to...

4.3CVSS5.9AI score0.01546EPSS
Exploits0References1
Cisco
Cisco
added 2015/07/07 8:6 p.m.35 views

Cisco IOS XE for Cisco 1000 Series ASR Routers Denial of Service Vulnerability

A vulnerability in PPP over Ethernet PPPoE processing on Cisco IOS XE for Cisco 1000 Series ASR routers could allow an unauthenticated, adjacent attacker to cause a reload of the affected device. The vulnerability is due to improper processing of malformed PPPoE Active Discovery Request PADR...

6.1CVSS6.5AI score0.00772EPSS
Exploits0References1
Cisco
Cisco
added 2015/04/28 8:56 p.m.35 views

Cisco StarOS for Cisco ASR 5000 Series HAMGR Service Proxy Mobile IPv6 Processing Denial of Service Vulnerability

A vulnerability in proxy mobile PM IPv6 processing of Cisco StarOS for Cisco ASR 5000 Series devices could allow an unauthenticated, remote attacker to cause a reload of the hamgr service on the affected device. The vulnerability is due to improper processing of malformed IPv6 PM packets. An...

5CVSS7.1AI score0.01759EPSS
Exploits0References1
Cisco
Cisco
added 2015/04/14 9:23 p.m.35 views

Cisco Unified Communications Manager Interactive Voice Response Interface SQL Injection Vulnerability

A vulnerability in the Interactive Voice Response IVR interface of Cisco Unified Communications Manager UCM could allow an unauthenticated, remote attacker to conduct SQL injection attacks. The vulnerability is due to a lack of input validation on user-supplied input within SQL queries. An attack...

5CVSS7.5AI score0.01893EPSS
Exploits0References1
Cisco
Cisco
added 2015/03/27 12:30 p.m.35 views

Cisco NX-OS Software DHCP Options Command Injection Vulnerability

A vulnerability in DHCP code used with PowerOn Auto Provisioning POAP of Cisco NX-OS could allow an unauthenticated, adjacent attacker to inject arbitrary commands into the Cisco NX-OS device. The vulnerability is due to insufficient input validation of the DHCP options returned as a result of...

6.8CVSS7.2AI score0.01138EPSS
Exploits0References1
Cisco
Cisco
added 2015/02/11 4:47 p.m.35 views

Cisco IOS Measurement, Aggregation, and Correlation Engine Denial of Service Vulnerability

A vulnerability in the Measurement, Aggregation, and Correlation Engine MACE feature of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a race condition between process switching and Cisco Express Forwarding...

5.4CVSS6.5AI score0.01777EPSS
Exploits0References1
Cisco
Cisco
added 2015/02/03 8:33 p.m.35 views

Cisco UCS C-Series Rack Servers Integrated Management Controller Cross-Frame Scripting Vulnerability

A vulnerability in the web interface of the Cisco Integrated Management Controller of the Cisco Unified Computing System C-Series Rack Servers could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. The vulnerability is due to insufficient HTML iframe...

4.3CVSS6.5AI score0.01476EPSS
Exploits0References1
Cisco
Cisco
added 2015/01/06 9:14 p.m.35 views

Cisco Identity Services Engine Periodic Backup Password Disclosure Vulnerability

A vulnerability in the periodic backup functionality of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to discover the password used to encrypt the backup on the system. The vulnerability is due to improper processing of certain client requests by the affected...

5CVSS6.4AI score0.01249EPSS
Exploits0References1
Cisco
Cisco
added 2014/12/23 9:4 p.m.35 views

Cisco IronPort ESA Subject Header Length Denial of Service Vulnerability

A vulnerability in Subject header length processing on Cisco IronPort Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause a limited denial of service DoS condition on an affected platform. The vulnerability occurs because the appliance does not limit the length o...

5CVSS6.3AI score0.01232EPSS
Exploits0References1
Cisco
Cisco
added 2014/11/05 4:0 p.m.35 views

Multiple Vulnerabilities in Cisco Small Business RV Series Routers

The Cisco RV120W Wireless-N VPN Firewall, Cisco RV180 VPN Router, Cisco RV180W Wireless-N Multifunction VPN Router, and Cisco RV220W Wireless Network Security Firewall are affected by the following vulnerabilities: Cisco RV Series Routers Command Injection Vulnerability Cisco RV Series Routers HT...

9.4CVSS6.8AI score0.02579EPSS
Exploits0References1
Cisco
Cisco
added 2014/05/07 7:19 p.m.35 views

Cisco Broadcast Access Center for Telco and Wireless Cross-Site Request Forgery Vulnerability

A vulnerability in the web framework of the Cisco Broadcast Access Center for Telco and Wireless BAC-TW could allow an unauthenticated, remote attacker to perform a cross-site request forgery CSRF attack against the Cisco BAC-TW web interface. The vulnerability is due to insufficient CSRF...

4.3CVSS6.5AI score0.00818EPSS
Exploits0References1
Cisco
Cisco
added 2014/03/26 4:0 p.m.35 views

Cisco IOS Software SSL VPN Denial of Service Vulnerability

A vulnerability in the Secure Sockets Layer SSL VPN subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to a failure to process certain types of HTTP requests. To exploit the vulnerability, an attacke...

7.8CVSS6.7AI score0.02001EPSS
Exploits1References1
Cisco
Cisco
added 2014/03/05 4:0 p.m.35 views

Multiple Vulnerabilities in Cisco Wireless LAN Controllers

The Cisco Wireless LAN Controller WLC product family is affected by the following vulnerabilities: Cisco Wireless LAN Controller Denial of Service Vulnerability Cisco Wireless LAN Controller Unauthorized Access to Associated Access Points Vulnerability Cisco Wireless LAN Controller IGMP Version 3...

10CVSS6.1AI score0.0134EPSS
Exploits1References1
Cisco
Cisco
added 2013/11/22 4:6 p.m.35 views

Cisco Wireless LAN Controller Buffer Overread Vulnerability

A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP protocol of the Cisco Wireless LAN Controller WLC could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to insufficient data packet validation. An attack...

5CVSS2.7AI score0.01232EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/18 2:38 p.m.35 views

Cisco Unity Connection Directory Traversal Vulnerability

A vulnerability in the attachment service of Cisco Unity Connection, known as Cisco Unity Web Service or as Voice Message Web Service VMWS, could allow an authenticated, remote attacker to place files in arbitrary locations on an affected device. The vulnerability is due to a failure to properly...

4CVSS2.5AI score0.01466EPSS
Exploits0References1
Cisco
Cisco
added 2013/07/17 4:0 p.m.35 views

Multiple Vulnerabilities in Cisco Intrusion Prevention System Software

Cisco Intrusion Prevention System IPS Software is affected by the following vulnerabilities: Cisco IPS Software Malformed IP Packets Denial of Service Vulnerability Cisco IPS Software Fragmented Traffic Denial of Service Vulnerability Cisco IPS NME Malformed IP Packets Denial of Service...

7.8CVSS6.9AI score
Exploits0References1
Cisco
Cisco
added 2013/02/27 4:0 p.m.35 views

Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities

Cisco Unified Communications Manager contains two vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. Exploitation of these vulnerabilities could cause an interruption of voice services. Cisco has released software updates that address...

7.8CVSS6.7AI score0.01328EPSS
Exploits0References1
Cisco
Cisco
added 2012/10/31 4:0 p.m.35 views

Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing

Cisco Unified MeetingPlace Web Conferencing is affected by two vulnerabilities: Cisco Unified MeetingPlace Web Conferencing SQL Injection Vulnerability Cisco Unified MeetingPlace Web Conferencing Buffer Overrun Vulnerability Exploitation of the Cisco Unified MeetingPlace Web Conferencing SQL...

8.5CVSS7.6AI score0.0202EPSS
Exploits0References1
Cisco
Cisco
added 2012/10/10 4:0 p.m.35 views

Multiple Vulnerabilities in Cisco Firewall Services Module

The Cisco Firewall Services Module FWSM for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is affected by the following vulnerabilities: DCERPC Inspection Buffer Overflow Vulnerability DCERPC Inspection Denial Of Service Vulnerabilities These vulnerabilities are not...

9CVSS7.3AI score
Exploits0References1
Cisco
Cisco
added 2012/08/09 9:31 p.m.35 views

Cisco AnyConnect Secure Mobility Client Man-in-the-Middle Attack Vulnerability

Cisco AnyConnect Secure Mobility Client contains a vulnerability that could allow an unauthenticated, remote attacker to conduct man-in-the-middle attacks. The vulnerability is due insufficient validation of certificates to be accepted by end users. An unauthenticated, remote attacker can exploit...

4.3CVSS3.8AI score0.00482EPSS
Exploits0References1
Cisco
Cisco
added 2012/06/20 5:16 p.m.35 views

Cisco AnyConnect Secure Mobility Client Software Downgrade Vulnerability

Cisco AnyConnect Secure Mobility Client contains a vulnerability that could allow an unauthenticated, remote attacker to replace software components. The vulnerability is due to improper sanitization of user-supplied input by the affected software's download feature. An unauthenticated, remote...

4.3CVSS4.5AI score0.01401EPSS
Exploits0References1
Cisco
Cisco
added 2012/06/20 4:0 p.m.35 views

Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Denial of Service Vulnerability

Cisco ASA 5500 Series Adaptive Security Appliances Cisco ASA and Cisco Catalyst 6500 Series ASA Services Module Cisco ASASM contain a vulnerability that may allow an unauthenticated, remote attacker to cause the reload of the affected device. Cisco has released software updates that address this...

7.8CVSS6.2AI score0.01913EPSS
Exploits0References1
Cisco
Cisco
added 2012/01/18 4:0 p.m.35 views

Cisco Digital Media Manager Privilege Escalation Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

9CVSS6.2AI score0.03209EPSS
Exploits0References1
Cisco
Cisco
added 2011/04/20 9:20 p.m.35 views

Oracle Outside In Technology File Processing Arbitrary Code Execution Vulnerability

Oracle Outside In Technology components used by the Oracle Fusion Middleware applications contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. The vulnerability exists due to incorrect processing of Lotus 1-2-3 spreadsheet...

10CVSS6.5AI score0.00387EPSS
Exploits0References1
Cisco
Cisco
added 2010/12/03 8:24 p.m.35 views

Cisco IPsec VPN Implementation Group Name Enumeration Information Disclosure Vulnerability

Multiple Cisco VPN devices contain a vulnerability that could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability exists due to unsafe handling of error response codes. An unauthenticated, remote attacker could exploit this vulnerability by sending...

4.3CVSS6.5AI score0.01588EPSS
Exploits0References1
Cisco
Cisco
added 2009/07/27 4:0 p.m.35 views

Multiple Vulnerabilities in Cisco Wireless LAN Controllers

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

10CVSS5.9AI score
Exploits0References1
Cisco
Cisco
added 2009/04/08 4:0 p.m.35 views

Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS5.9AI score
Exploits0References1
Cisco
Cisco
added 2008/01/16 4:0 p.m.35 views

Cisco Unified Communications Manager CTL Provider Heap Overflow

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

10CVSS6.1AI score0.57108EPSS
Exploits0References1
Cisco
Cisco
added 2007/05/02 4:0 p.m.35 views

LDAP and VPN Vulnerabilities in PIX and ASA Appliances

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

6AI score
Exploits0References1
Cisco
Cisco
added 2007/01/10 5:6 p.m.35 views

Cisco Unified Contact Center and IP Contact Center JTapi Gateway Denial of Service Vulnerability

Cisco Unified Contact Center and Cisco IP Contact Center versions 5.0, 6.0, 7.0, and 7.1 contain a vulnerability that could allow an unauthenticated, remote attacker to create a denial of service DoS condition. The vulnerability is due to insufficient handling of unexpected connections. An...

5CVSS6.5AI score0.01653EPSS
Exploits0References1
Cisco
Cisco
added 2006/09/05 5:39 p.m.35 views

OpenSSL RSA Signature Forgery Vulnerability

OpenSSL versions 0.9.7j and prior and 0.9.8b and prior contain a vulnerability that could allow an unauthenticated, remote attacker to successfully pass a forged X.509 certificate. The vulnerability could allow an unauthenticated, remote attacker to pass a forged Public-Key Cryptography Standards...

6.4CVSS7AI score0.00781EPSS
Exploits0References1
Cisco
Cisco
added 2006/07/26 10:36 p.m.35 views

Internet Key Exchange Protocol Version 1 Denial of Service Vulnerability

Multiple products contain a vulnerability in the implementation of the Internet Key Exchange IKE version 1 protocol. IKE is typically used for key exchange in IPSec, and IPSec is commonly used to encrypt data for VPN connections. The vulnerability affects IKE Phase 1 negotiations in both Main Mod...

5CVSS6.6AI score0.06748EPSS
Exploits0References1
Cisco
Cisco
added 2005/01/26 4:0 p.m.35 views

Crafted Packet Causes Reload on Cisco Routers

...

6.1CVSS3.6AI score0.01701EPSS
Exploits0References1
Cisco
Cisco
added 2002/02/12 8:0 p.m.35 views

Malformed SNMP Message-Handling Vulnerabilities

...

1.9AI score
Exploits0References1
Cisco
Cisco
added 2024/05/01 4:0 p.m.34 views

Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Vulnerabilities

Multiple vulnerabilities in Cisco IP Phone firmware could allow an unauthenticated, remote attacker to cause a denial of service DoS condition, gain unauthorized access, or view sensitive information on an affected system. For more information about these vulnerabilities, see the Details "details...

7.5CVSS7AI score0.00873EPSS
Exploits0References1
Cisco
Cisco
added 2024/03/27 4:0 p.m.34 views

Cisco Access Point Software Secure Boot Bypass Vulnerability

A vulnerability in the boot process of Cisco Access Point AP Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device. This vulnerability exists because unnecessary commands...

5.9CVSS5.7AI score0.00249EPSS
Exploits0References1
Cisco
Cisco
added 2023/09/06 4:0 p.m.34 views

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Stack Overflow Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of requests that are sent to the...

6.5CVSS7AI score0.00773EPSS
Exploits0References1
Total number of security vulnerabilities5000