Lucene search
K
CiscoMost viewed

5224 matches found

Cisco
Cisco
•added 2015/02/16 7:55 p.m.•31 views

Cisco ASA Challenge-Response Tunnel Group Selection Bypass Vulnerability

A vulnerability in the authentication code of Cisco ASA Software could allow an authenticated, remote attacker to access resources of a VPN tunnel group. The vulnerability is due to improper implementation of the tunnel group selection when a user authenticates to the remote access VPN via the...

4CVSS6.6AI score0.01782EPSS
Exploits0References1
Cisco
Cisco
•added 2015/01/14 3:54 p.m.•31 views

Cisco WebEx Meetings Server User Enumeration Vulnerability

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to guess valid user accounts on the targeted system. The vulnerability exists because the affected software fails to refresh the CAPTCHA on the login page. An attacker could exploit this vulnerability b...

5CVSS6.5AI score0.01369EPSS
Exploits0References1
Cisco
Cisco
•added 2015/01/12 7:38 p.m.•31 views

Cisco Secure Access Control Server Open Redirect Vulnerability

A vulnerability in the web interface of Cisco Secure Access Control Server ACS could allow an unauthenticated, remote attacker to conduct a web page open redirection attack against a user's browser. The vulnerability is due to insufficient input validation of a specific parameter. An attacker cou...

4.3CVSS6.5AI score0.0118EPSS
Exploits0References1
Cisco
Cisco
•added 2014/10/08 4:36 p.m.•31 views

Cisco ASA Authenticated Linux Shell Access Vulnerability

A vulnerability in the Virtual Network Management Center VNMC policy code of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, local attacker to access the underlying Linux operating system with the privileges of the root user. The vulnerability is due to insufficient...

6.8CVSS6.1AI score0.00349EPSS
Exploits0References1
Cisco
Cisco
•added 2014/09/19 8:1 p.m.•31 views

Cisco IOS XR Software Malformed TACACS+ Packet Denial of Service Vulnerability

A vulnerability in TACACS+ processing of Cisco IOS XR could allow an unauthenticated, remote attacker to cause a reload of the TACACS+ daemon tacacsd on the affected device. The vulnerability is due to improper parsing of a malformed TACACS+ packet. An attacker could exploit this vulnerability by...

5CVSS6.4AI score0.01792EPSS
Exploits0References1
Cisco
Cisco
•added 2014/09/19 6:5 p.m.•31 views

Cisco IOS XR Software Malformed SNMPv2 Packet Denial of Service Vulnerability

A vulnerability in Simple Network Management Protocol SNMP version 2 SNMPv2 processing of Cisco IOS XR could allow an authenticated, remote attacker to cause a reload of the SNMP daemon snmpd process on an affected device. The vulnerability is due to improper parsing of a malformed SNMPv2 packet...

4CVSS6.4AI score0.01386EPSS
Exploits0References1
Cisco
Cisco
•added 2014/05/28 6:8 p.m.•31 views

Cisco Wide Area Application Services Partial Denial of Service Vulnerability

A vulnerability in Cisco Wide Area Application Services WAAS software, when configured with the SharePoint acceleration feature, could allow an unauthenticated, remote attacker to cause a reload of the application optimization handler. The vulnerability is due to incorrect parsing of SharePoint...

5CVSS6.2AI score0.0297EPSS
Exploits0References1
Cisco
Cisco
•added 2014/04/23 4:3 p.m.•31 views

Cisco Adaptive Security Appliance Software SIP Inspection Memory Leak Vulnerability

A vulnerability in the Session Initiation Protocol SIP inspection engine code could allow an unauthenticated, remote attacker to cause a slow memory leak, which may cause instability on the affected system. The vulnerability is due to improper handling of SIP packets inspected by the Cisco Adapti...

5CVSS6.1AI score0.01753EPSS
Exploits0References1
Cisco
Cisco
•added 2014/02/26 4:0 p.m.•31 views

Cisco Prime Infrastructure Command Execution Vulnerability

A vulnerability in Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands with root-level privileges. The vulnerability is due to improper validation of URL requests. An attacker could exploit this vulnerability by requesting an unauthorized command...

9CVSS7.2AI score0.02106EPSS
Exploits1References1
Cisco
Cisco
•added 2014/02/12 5:40 p.m.•31 views

Cisco Unified Communications Manager IPMA Cross-Site Scripting Vulnerability

A vulnerability in the Cisco IP Manager Assistant IPMA interface of Cisco Unified Communications Manager UCM could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface on the affected system. The vulnerability is due to...

4.3CVSS5.6AI score0.01161EPSS
Exploits0References1
Cisco
Cisco
•added 2014/01/23 5:21 p.m.•31 views

Cisco NX-OS Software Label Distribution Protocol Message Vulnerability

A vulnerability in the Label Distribution Protocol LDP message processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to stop accepting valid LDP sessions during a 60-second period. The vulnerability is due to how certain malformed LDP Hello...

5CVSS6.3AI score0.02079EPSS
Exploits0References1
Cisco
Cisco
•added 2014/01/21 2:54 p.m.•31 views

Cisco Secure ACS Portal Cross-Site Scripting Vulnerability

A vulnerability in the portal of the Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the portal on the affected system. The vulnerability is due to insufficient input validation of a parameter. A...

4.3CVSS5.4AI score0.01488EPSS
Exploits0References1
Cisco
Cisco
•added 2014/01/10 9:21 p.m.•31 views

Cisco Unity Connection Internet Message Access Protocol Denial of Service Vulnerability

A vulnerability in the Internet Message Access Protocol IMAP function of Cisco Unity Connection could allow an authenticated, remote attacker to cause 100 percent CPU utilization on the Cisco Unity Connection server, which may cause a denial of service DoS condition. The vulnerability is due to t...

6.8CVSS6.5AI score0.02835EPSS
Exploits0References1
Cisco
Cisco
•added 2013/12/02 9:23 p.m.•31 views

Cisco Adaptive Security Appliance Malformed DNS Reply Denial of Service Vulnerability

A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause the reload of an affected system. The vulnerability is due to improper handling of DNS error cases when the Cisco ASA Software receives a DNS reply packet under a particular system...

5.4CVSS2.8AI score0.0117EPSS
Exploits0References1
Cisco
Cisco
•added 2013/10/30 7:26 p.m.•31 views

Cisco IOS Software Internet Key Exchange Version 2 Anti-replay Protection Disabled Vulnerability

A vulnerability in the implementation of the Cisco IOS Software Internet Key Exchange version 2 IKEv2 protocol may cause the anti-replay capabilities of IPsec to be disabled. This issue occurs only when using the Advanced Encryption Standard Galois/Counter Mode AES-GCM or the AES Galois Message...

5CVSS1.8AI score0.01134EPSS
Exploits0References1
Cisco
Cisco
•added 2013/10/25 3:0 p.m.•31 views

Cisco Identity Services Engine Guest User Account Exhaustion Vulnerability

A vulnerability in Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to exhaust guest user account resources. The vulnerability is due to a guest account creation page that allows unlimited guest accounts to be created upon refreshing the page. An attacker could...

5CVSS2AI score0.01232EPSS
Exploits0References1
Cisco
Cisco
•added 2013/10/15 7:52 p.m.•31 views

Cisco WebEx Meetings Server Deployment Passphrase Bypass Vulnerability

A vulnerability in the deployment module of Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to bypass the passphrase check during the deployment of a virtual machine. The vulnerability is due to a flaw in the validation of the passphrase. An attacker could exploit this...

4.3CVSS1.1AI score0.01173EPSS
Exploits0References1
Cisco
Cisco
•added 2013/10/08 5:57 p.m.•31 views

Cisco NX-OS Software Input Validation Vulnerability

A vulnerability in the Stream Editor sed command-line filter in Cisco NX-OS Software could allow an authenticated, local attacker to read and write arbitrary files. The vulnerability is due to an input validation issue. An attacker could exploit this vulnerability by using the sed r and sed w...

6.2CVSS2.6AI score0.003EPSS
Exploits0References1
Cisco
Cisco
•added 2013/09/25 4:0 p.m.•31 views

Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability

A vulnerability in the implementation of the Network Time Protocol NTP feature in Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to the improper handling of multicas...

7.1CVSS6.9AI score0.01748EPSS
Exploits0References1
Cisco
Cisco
•added 2013/09/25 4:0 p.m.•31 views

Cisco IOS Software Internet Key Exchange Memory Leak Vulnerability

A vulnerability in the Internet Key Exchange IKE protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a device reload. The vulnerability is due to incorrect handling of malformed IKE packets by the...

7.8CVSS6.6AI score0.0196EPSS
Exploits0References1
Cisco
Cisco
•added 2013/09/24 7:16 p.m.•31 views

Cisco Unified Computing System Baseboard Management Controller Arbitrary Command Execution Vulnerability

A vulnerability in the fabric interconnect FI of Cisco Unified Computing System could allow an authenticated, local attacker to execute arbitrary commands on the Baseboard Management Controller BMC with elevated privileges. The vulnerability is due to improper input validation in the MCTOOLS...

6.6CVSS3.2AI score0.00319EPSS
Exploits0References1
Cisco
Cisco
•added 2013/09/24 7:10 p.m.•31 views

Cisco Unified Computing System Blade Management Controller Information Disclosure Vulnerability

A vulnerability in the Intelligent Platform Management Interface IPMI of the Cisco Unified Computing System Blade Management Controller could allow an unauthenticated, remote attacker to discover valid usernames. The vulnerability is due to a requirement defined in the IPMI specification. An...

5CVSS1.9AI score0.01652EPSS
Exploits0References1
Cisco
Cisco
•added 2013/09/18 4:0 p.m.•31 views

Multiple Vulnerabilities in Cisco Prime Data Center Network Manager

Cisco Prime Data Center Network Manager DCNM contains multiple vulnerabilities that could allow an unauthenticated, remote attacker to disclose file components, and access text files on an affected device. Various components of Cisco Prime DCNM are affected. These vulnerabilities can be exploited...

10CVSS9.8AI score0.75962EPSS
Exploits6References1
Cisco
Cisco
•added 2013/07/22 7:25 p.m.•31 views

Cisco Aironet 3600 Series Access Point Denial of Service Vulnerability

A vulnerability in the Cisco Aironet 3600 Series Access Point could allow an unauthenticated, remote attacker to trigger a denial of service condition. The vulnerability is due to a memory corruption condition that could occur when the device switches between FlexConnect and Standalone mode. An...

5.4CVSS7.2AI score0.0154EPSS
Exploits0References1
Cisco
Cisco
•added 2013/06/26 4:0 p.m.•31 views

Multiple Vulnerabilities in Cisco Email Security Appliance

Cisco IronPort AsyncOS Software for Cisco Email Security Appliance is affected by the following vulnerabilities: Web Framework Authenticated Command Injection Vulnerability IronPort Spam Quarantine Denial of Service Vulnerability Management GUI Denial of Service Vulnerability Successful...

9CVSS7.7AI score0.0353EPSS
Exploits1References1
Cisco
Cisco
•added 2012/07/11 4:0 p.m.•31 views

Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch

Cisco TelePresence Multipoint Switch contains the following vulnerabilities: Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability Exploitation of the Cisco TelePresence Malformed IP Packets Denial o...

8.3CVSS7.2AI score
Exploits0References1
Cisco
Cisco
•added 2011/10/26 4:0 p.m.•31 views

Cisco Unified Contact Center Express Directory Traversal Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS6AI score0.26393EPSS
Exploits0References1
Cisco
Cisco
•added 2011/10/05 4:0 p.m.•31 views

Multiple Vulnerabilities in Cisco Firewall Services Module

The Cisco Firewall Services Module FWSM for the Cisco Catalyst 6500 Series switches and Cisco 7600 Series routers is affected by the following vulnerabilities: Syslog Message Memory Corruption Denial of Service Vulnerability Authentication Proxy Denial of Service Vulnerability TACACS+...

7.8CVSS6.3AI score
Exploits0References1
Cisco
Cisco
•added 2011/08/24 2:19 p.m.•31 views

Cisco IOS Software SSH Banner Processing Error Denial of Service Vulnerability

Cisco IOS Software contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper handling of login banners by Cisco IOS Software. An authenticated, remote attacker could exploit this vulnerability by...

7.8CVSS6.6AI score0.0121EPSS
Exploits0References1
Cisco
Cisco
•added 2010/03/24 4:0 p.m.•31 views

Cisco IOS Software IPsec Vulnerability

A malformed Internet Key Exchange IKE packet may cause a device running Cisco IOS Software to reload. Only Cisco 7200 Series and Cisco 7301 routers running Cisco IOS software with a VPN Acceleration Module 2+ VAM2+ installed are affected. Cisco has released software updates that address this...

7.8CVSS6.5AI score0.0297EPSS
Exploits0References1
Cisco
Cisco
•added 2009/03/25 4:0 p.m.•31 views

Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS6.3AI score0.02945EPSS
Exploits0References1
Cisco
Cisco
•added 2009/03/25 12:0 a.m.•31 views

Cisco IOS Software Multiple Features IP Sockets Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.1CVSS6.3AI score0.01762EPSS
Exploits0References1
Cisco
Cisco
•added 2008/09/24 4:0 p.m.•31 views

Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS5.9AI score
Exploits0References1
Cisco
Cisco
•added 2008/09/24 4:0 p.m.•31 views

Cisco IOS Software Firewall Application Inspection Control Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.1CVSS6.1AI score0.02781EPSS
Exploits1References1
Cisco
Cisco
•added 2008/06/04 4:0 p.m.•31 views

Multiple Vulnerabilities in Cisco PIX and Cisco ASA

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS5.9AI score
Exploits0References1
Cisco
Cisco
•added 2008/05/14 4:0 p.m.•31 views

Cisco Content Switching Module Memory Leak Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS6.2AI score0.01916EPSS
Exploits1References1
Cisco
Cisco
•added 2007/01/10 4:0 p.m.•31 views

DLSw Vulnerability

A vulnerability exists in the Data-link Switching DLSw feature in Cisco IOS where an invalid value in a DLSw message could result in a reload of the DLSw device. Successful exploitation of this vulnerability requires that an attacker be able to establish a DLSw connection to the device. There are...

5CVSS5.9AI score0.02543EPSS
Exploits0References1
Cisco
Cisco
•added 2006/01/12 4:0 p.m.•31 views

Access Point Memory Exhaustion from ARP Attacks

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

5.5CVSS6.3AI score0.10248EPSS
Exploits1References1
Cisco
Cisco
•added 2005/12/01 9:0 p.m.•31 views

IOS HTTP Server Command Injection Vulnerability

A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicio...

2.6CVSS1.2AI score0.0276EPSS
Exploits1References1
Cisco
Cisco
•added 2004/08/18 3:0 p.m.•31 views

Cisco IOS Malformed OSPF Packet Causes Reload

...

5CVSS2.5AI score0.0343EPSS
Exploits0References1
Cisco
Cisco
•added 2002/07/30 6:0 p.m.•31 views

TFTP Long Filename Vulnerability

...

7.1CVSS1.2AI score0.09085EPSS
Exploits0References1Affected Software2
Cisco
Cisco
•added 2002/06/17 7:0 p.m.•31 views

Cable Modem Termination System Authentication Bypass

...

7.5CVSS2.9AI score0.01186EPSS
Exploits0References1Affected Software1
Cisco
Cisco
•added 2001/11/28 4:0 p.m.•31 views

A Vulnerability in IOS Firewall Feature Set

...

7.5CVSS1.8AI score0.02091EPSS
Exploits0References1Affected Software1
Cisco
Cisco
•added 2024/07/17 4:0 p.m.•30 views

Cisco Identity Services Engine Arbitrary File Upload Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit this vulnerability, an attacker would need at least valid Policy Admin credentials on the affected...

4.7CVSS5.4AI score0.00471EPSS
Exploits0References1
Cisco
Cisco
•added 2024/04/17 4:0 p.m.•30 views

Cisco Integrated Management Controller CLI Command Injection Vulnerability

A vulnerability in the CLI of the Cisco Integrated Management Controller IMC could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or high...

8.8CVSS8.7AI score0.01172EPSS
Exploits0References1
Cisco
Cisco
•added 2024/04/03 4:0 p.m.•30 views

Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability

A vulnerability in the web UI of Cisco Enterprise Chat and Email ECE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web UI does not properly validate user-supplied input. An attacker...

5.4CVSS5.3AI score0.00373EPSS
Exploits0References1
Cisco
Cisco
•added 2024/04/03 4:0 p.m.•30 views

Cisco Nexus Dashboard and Nexus Dashboard Hosted Services Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus Dashboard hosted services could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF...

7.5CVSS7.9AI score0.0026EPSS
Exploits0References1
Cisco
Cisco
•added 2024/03/06 4:0 p.m.•30 views

Cisco AppDynamics Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco AppDynamics Controller could allow an authenticated, remote attacker to perform a reflected cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of...

5.4CVSS5.3AI score0.00358EPSS
Exploits0References1
Cisco
Cisco
•added 2023/10/18 4:0 p.m.•30 views

Cisco Catalyst SD-WAN Manager Local File Inclusion Vulnerability

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system. This vulnerability is due to improper validation of parameters that are sent to the web UI. An attacker could exploit this vulnerabilit...

6.5CVSS6.4AI score0.00529EPSS
Exploits0References1
Cisco
Cisco
•added 2023/09/13 4:0 p.m.•30 views

Cisco IOS XR Software Compression ACL Bypass Vulnerability

A vulnerability in the classic access control list ACL compression feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to incorrect destination address range...

5.8CVSS5.4AI score0.00545EPSS
Exploits1References1
Total number of security vulnerabilities5000