Lucene search
K
CiscoMost viewed

5226 matches found

Cisco
Cisco
•added 2014/01/23 5:21 p.m.•31 views

Cisco NX-OS Software Label Distribution Protocol Message Vulnerability

A vulnerability in the Label Distribution Protocol LDP message processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to stop accepting valid LDP sessions during a 60-second period. The vulnerability is due to how certain malformed LDP Hello...

5CVSS6.3AI score0.02079EPSS
Exploits0References1
Cisco
Cisco
•added 2014/01/21 2:54 p.m.•31 views

Cisco Secure ACS Portal Cross-Site Scripting Vulnerability

A vulnerability in the portal of the Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the portal on the affected system. The vulnerability is due to insufficient input validation of a parameter. A...

4.3CVSS5.4AI score0.01488EPSS
Exploits0References1
Cisco
Cisco
•added 2014/01/10 9:21 p.m.•31 views

Cisco Unity Connection Internet Message Access Protocol Denial of Service Vulnerability

A vulnerability in the Internet Message Access Protocol IMAP function of Cisco Unity Connection could allow an authenticated, remote attacker to cause 100 percent CPU utilization on the Cisco Unity Connection server, which may cause a denial of service DoS condition. The vulnerability is due to t...

6.8CVSS6.5AI score0.02835EPSS
Exploits0References1
Cisco
Cisco
•added 2013/12/02 9:23 p.m.•31 views

Cisco Adaptive Security Appliance Malformed DNS Reply Denial of Service Vulnerability

A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause the reload of an affected system. The vulnerability is due to improper handling of DNS error cases when the Cisco ASA Software receives a DNS reply packet under a particular system...

5.4CVSS2.8AI score0.0117EPSS
Exploits0References1
Cisco
Cisco
•added 2013/10/30 7:26 p.m.•31 views

Cisco IOS Software Internet Key Exchange Version 2 Anti-replay Protection Disabled Vulnerability

A vulnerability in the implementation of the Cisco IOS Software Internet Key Exchange version 2 IKEv2 protocol may cause the anti-replay capabilities of IPsec to be disabled. This issue occurs only when using the Advanced Encryption Standard Galois/Counter Mode AES-GCM or the AES Galois Message...

5CVSS1.8AI score0.01134EPSS
Exploits0References1
Cisco
Cisco
•added 2013/10/25 3:0 p.m.•31 views

Cisco Identity Services Engine Guest User Account Exhaustion Vulnerability

A vulnerability in Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to exhaust guest user account resources. The vulnerability is due to a guest account creation page that allows unlimited guest accounts to be created upon refreshing the page. An attacker could...

5CVSS2AI score0.01232EPSS
Exploits0References1
Cisco
Cisco
•added 2013/10/08 5:57 p.m.•31 views

Cisco NX-OS Software Input Validation Vulnerability

A vulnerability in the Stream Editor sed command-line filter in Cisco NX-OS Software could allow an authenticated, local attacker to read and write arbitrary files. The vulnerability is due to an input validation issue. An attacker could exploit this vulnerability by using the sed r and sed w...

6.2CVSS2.6AI score0.003EPSS
Exploits0References1
Cisco
Cisco
•added 2013/09/25 4:0 p.m.•31 views

Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability

A vulnerability in the implementation of the Network Time Protocol NTP feature in Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to the improper handling of multicas...

7.1CVSS6.9AI score0.01748EPSS
Exploits0References1
Cisco
Cisco
•added 2013/09/25 4:0 p.m.•31 views

Cisco IOS Software Internet Key Exchange Memory Leak Vulnerability

A vulnerability in the Internet Key Exchange IKE protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a device reload. The vulnerability is due to incorrect handling of malformed IKE packets by the...

7.8CVSS6.6AI score0.0196EPSS
Exploits0References1
Cisco
Cisco
•added 2013/09/24 7:16 p.m.•31 views

Cisco Unified Computing System Baseboard Management Controller Arbitrary Command Execution Vulnerability

A vulnerability in the fabric interconnect FI of Cisco Unified Computing System could allow an authenticated, local attacker to execute arbitrary commands on the Baseboard Management Controller BMC with elevated privileges. The vulnerability is due to improper input validation in the MCTOOLS...

6.6CVSS3.2AI score0.00319EPSS
Exploits0References1
Cisco
Cisco
•added 2013/09/24 7:10 p.m.•31 views

Cisco Unified Computing System Blade Management Controller Information Disclosure Vulnerability

A vulnerability in the Intelligent Platform Management Interface IPMI of the Cisco Unified Computing System Blade Management Controller could allow an unauthenticated, remote attacker to discover valid usernames. The vulnerability is due to a requirement defined in the IPMI specification. An...

5CVSS1.9AI score0.01652EPSS
Exploits0References1
Cisco
Cisco
•added 2013/09/18 4:0 p.m.•31 views

Multiple Vulnerabilities in Cisco Prime Data Center Network Manager

Cisco Prime Data Center Network Manager DCNM contains multiple vulnerabilities that could allow an unauthenticated, remote attacker to disclose file components, and access text files on an affected device. Various components of Cisco Prime DCNM are affected. These vulnerabilities can be exploited...

10CVSS9.8AI score0.75962EPSS
Exploits6References1
Cisco
Cisco
•added 2012/07/11 4:0 p.m.•31 views

Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch

Cisco TelePresence Multipoint Switch contains the following vulnerabilities: Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability Exploitation of the Cisco TelePresence Malformed IP Packets Denial o...

8.3CVSS7.2AI score
Exploits0References1
Cisco
Cisco
•added 2011/10/26 4:0 p.m.•31 views

Cisco Unified Contact Center Express Directory Traversal Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS6AI score0.26393EPSS
Exploits0References1
Cisco
Cisco
•added 2011/10/05 4:0 p.m.•31 views

Multiple Vulnerabilities in Cisco Firewall Services Module

The Cisco Firewall Services Module FWSM for the Cisco Catalyst 6500 Series switches and Cisco 7600 Series routers is affected by the following vulnerabilities: Syslog Message Memory Corruption Denial of Service Vulnerability Authentication Proxy Denial of Service Vulnerability TACACS+...

7.8CVSS6.3AI score
Exploits0References1
Cisco
Cisco
•added 2011/08/24 2:19 p.m.•31 views

Cisco IOS Software SSH Banner Processing Error Denial of Service Vulnerability

Cisco IOS Software contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper handling of login banners by Cisco IOS Software. An authenticated, remote attacker could exploit this vulnerability by...

7.8CVSS6.6AI score0.0121EPSS
Exploits0References1
Cisco
Cisco
•added 2010/03/24 4:0 p.m.•31 views

Cisco IOS Software IPsec Vulnerability

A malformed Internet Key Exchange IKE packet may cause a device running Cisco IOS Software to reload. Only Cisco 7200 Series and Cisco 7301 routers running Cisco IOS software with a VPN Acceleration Module 2+ VAM2+ installed are affected. Cisco has released software updates that address this...

7.8CVSS6.5AI score0.0297EPSS
Exploits0References1
Cisco
Cisco
•added 2009/03/25 12:0 a.m.•31 views

Cisco IOS Software Multiple Features IP Sockets Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.1CVSS6.3AI score0.01762EPSS
Exploits0References1
Cisco
Cisco
•added 2008/09/24 4:0 p.m.•31 views

Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS5.9AI score
Exploits0References1
Cisco
Cisco
•added 2008/09/24 4:0 p.m.•31 views

Cisco IOS Software Firewall Application Inspection Control Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.1CVSS6.1AI score0.02781EPSS
Exploits1References1
Cisco
Cisco
•added 2008/06/04 4:0 p.m.•31 views

Multiple Vulnerabilities in Cisco PIX and Cisco ASA

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS5.9AI score
Exploits0References1
Cisco
Cisco
•added 2007/10/10 4:0 p.m.•31 views

Cisco Wireless Control System Conversion Utility Adds Default Password

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

10CVSS6.3AI score0.02566EPSS
Exploits0References1
Cisco
Cisco
•added 2007/01/10 4:0 p.m.•31 views

DLSw Vulnerability

A vulnerability exists in the Data-link Switching DLSw feature in Cisco IOS where an invalid value in a DLSw message could result in a reload of the DLSw device. Successful exploitation of this vulnerability requires that an attacker be able to establish a DLSw connection to the device. There are...

5CVSS5.9AI score0.02543EPSS
Exploits0References1
Cisco
Cisco
•added 2006/01/12 4:0 p.m.•31 views

Access Point Memory Exhaustion from ARP Attacks

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

5.5CVSS6.3AI score0.10248EPSS
Exploits1References1
Cisco
Cisco
•added 2005/12/01 9:0 p.m.•31 views

IOS HTTP Server Command Injection Vulnerability

A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicio...

2.6CVSS1.2AI score0.0276EPSS
Exploits1References1
Cisco
Cisco
•added 2004/08/18 3:0 p.m.•31 views

Cisco IOS Malformed OSPF Packet Causes Reload

...

5CVSS2.5AI score0.0343EPSS
Exploits0References1
Cisco
Cisco
•added 2002/07/30 6:0 p.m.•31 views

TFTP Long Filename Vulnerability

...

7.1CVSS1.2AI score0.09085EPSS
Exploits0References1Affected Software2
Cisco
Cisco
•added 2002/06/17 7:0 p.m.•31 views

Cable Modem Termination System Authentication Bypass

...

7.5CVSS2.9AI score0.01186EPSS
Exploits0References1Affected Software1
Cisco
Cisco
•added 2001/11/28 4:0 p.m.•31 views

A Vulnerability in IOS Firewall Feature Set

...

7.5CVSS1.8AI score0.02091EPSS
Exploits0References1Affected Software1
Cisco
Cisco
•added 2026/03/25 4:0 p.m.•30 views

Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series Switches, and Cisco IE3500 and IE3505 Rugged Series Switches could allow an authenticated, local...

6.1CVSS6.2AI score0.00162EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/23 4:0 p.m.•30 views

Cisco Secure Client Software Denial of Service Vulnerability

A vulnerability in Internet Key Exchange version 2 IKEv2 processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service DoS of Cisco Secure Client. This vulnerability is due to an integer underflow condition. An attacker could exploit this...

4.3CVSS5.5AI score0.00573EPSS
Exploits0References1
Cisco
Cisco
•added 2024/07/17 4:0 p.m.•30 views

Cisco Identity Services Engine Arbitrary File Upload Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit this vulnerability, an attacker would need at least valid Policy Admin credentials on the affected...

4.7CVSS5.4AI score0.00471EPSS
Exploits0References1
Cisco
Cisco
•added 2024/04/17 4:0 p.m.•30 views

Cisco Integrated Management Controller CLI Command Injection Vulnerability

A vulnerability in the CLI of the Cisco Integrated Management Controller IMC could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or high...

8.8CVSS8.7AI score0.01172EPSS
Exploits0References1
Cisco
Cisco
•added 2024/04/03 4:0 p.m.•30 views

Cisco Nexus Dashboard and Nexus Dashboard Hosted Services Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus Dashboard hosted services could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF...

7.5CVSS7.9AI score0.0026EPSS
Exploits0References1
Cisco
Cisco
•added 2024/04/03 4:0 p.m.•30 views

Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability

A vulnerability in the web UI of Cisco Enterprise Chat and Email ECE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web UI does not properly validate user-supplied input. An attacker...

5.4CVSS5.3AI score0.00373EPSS
Exploits0References1
Cisco
Cisco
•added 2024/03/06 4:0 p.m.•30 views

Cisco AppDynamics Controller Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco AppDynamics Controller could allow an authenticated, remote attacker to perform a reflected cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of...

5.4CVSS5.3AI score0.00358EPSS
Exploits0References1
Cisco
Cisco
•added 2024/03/06 4:0 p.m.•30 views

Cisco Secure Client for Linux with ISE Posture Module Privilege Escalation Vulnerability

A vulnerability in the ISE Posture System Scan module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to the use of an uncontrolled search path element. An attacker could exploit this vulnerabilit...

7.3CVSS7.5AI score0.00888EPSS
Exploits1References1
Cisco
Cisco
•added 2023/10/18 4:0 p.m.•30 views

Cisco Catalyst SD-WAN Manager Local File Inclusion Vulnerability

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system. This vulnerability is due to improper validation of parameters that are sent to the web UI. An attacker could exploit this vulnerabilit...

6.5CVSS6.4AI score0.00529EPSS
Exploits0References1
Cisco
Cisco
•added 2023/09/13 4:0 p.m.•30 views

Cisco IOS XR Software Compression ACL Bypass Vulnerability

A vulnerability in the classic access control list ACL compression feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to incorrect destination address range...

5.8CVSS5.4AI score0.00545EPSS
Exploits1References1
Cisco
Cisco
•added 2023/09/13 4:0 p.m.•30 views

Cisco IOS XR Software iPXE Boot Signature Bypass Vulnerability

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating...

6.7CVSS6.8AI score0.00095EPSS
Exploits0References1
Cisco
Cisco
•added 2023/08/02 4:0 p.m.•30 views

Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface...

5.4CVSS5.3AI score0.00358EPSS
Exploits0References1
Cisco
Cisco
•added 2023/07/19 4:0 p.m.•30 views

Cisco BroadWorks Privilege Escalation Vulnerability

A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local attacker to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. An attacker could exploi...

4.4CVSS7.8AI score0.00148EPSS
Exploits0References1
Cisco
Cisco
•added 2023/06/07 4:0 p.m.•30 views

Cisco Secure Workload Authenticated OpenAPI Privilege Escalation Vulnerability

A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...

4.3CVSS6.6AI score0.00517EPSS
Exploits0References1
Cisco
Cisco
•added 2023/02/01 4:0 p.m.•30 views

Cisco Identity Services Engine XML External Entity Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to access sensitive information, conduct a server-side request forgery SSRF attack through an affected device, or negatively impact the responsiveness of the...

6CVSS6.1AI score0.0075EPSS
Exploits0References1
Cisco
Cisco
•added 2022/11/09 4:0 p.m.•30 views

Cisco Firepower Management Center Software Command Injection Vulnerabilities

Multiple vulnerabilities in the web management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. These vulnerabilities are due to insufficient validation of user-supplied...

6.3CVSS7.7AI score
Exploits0References1
Cisco
Cisco
•added 2022/11/09 4:0 p.m.•30 views

Cisco Secure Firewall 3100 Series Secure Boot Bypass Vulnerability

A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance ASA Software or Cisco Firepower Threat Defense FTD Software could allow an unauthenticated attacker with physical access to the device to bypass the secure bo...

6.4CVSS6.7AI score0.00323EPSS
Exploits0References1
Cisco
Cisco
•added 2022/11/02 4:0 p.m.•30 views

Cisco Email Security Appliance and Cisco Secure Email and Web Manager HTTP Response Header Injection Vulnerability

A vulnerability in Cisco Email Security Appliance ESA and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to the failure of the application or its environment to properly sanitize input...

4.7CVSS5AI score0.00546EPSS
Exploits0References1
Cisco
Cisco
•added 2022/09/14 4:0 p.m.•30 views

Cisco IOS XR Software Cisco Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the Cisco Discovery Protocol process to reload on an affected device. This vulnerability is due to a heap buffer overflow in certain Cisco Discovery...

4.3CVSS5.3AI score0.00958EPSS
Exploits0References1
Cisco
Cisco
•added 2022/07/06 4:0 p.m.•30 views

Cisco Unified Communications Products Timing Attack Vulnerability

A vulnerability in Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, and Cisco Unity Connection could allow an unauthenticated, remote attacker to perform a timing attack. This vulnerability is due to insufficient...

5.3CVSS5.2AI score0.00871EPSS
Exploits0References1
Cisco
Cisco
•added 2022/04/27 4:0 p.m.•30 views

Cisco Firepower Management Center File Upload Security Bypass Vulnerability

A vulnerability in the web management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to bypass security protections and upload malicious files to the affected system. This vulnerability is due to improper validation of files uploaded to t...

6.5CVSS7.8AI score0.03902EPSS
Exploits0References1
Total number of security vulnerabilities5000