Cisco Nexus 1000V VSM/VEM Heartbeat Denial of Service Vulnerability

A vulnerability in the Cisco Nexus 1000V could allow an unauthenticated, remote attacker to cause a Virtual Supervisor Module VSM to report a Virtual Ethernet Module VEM as unavailable. The vulnerability is due to insufficient prioritization for VSM/VEM heartbeat messages. An attacker could explo...

Cisco Unified Communications Manager Authentication Denial of Service Vulnerability

A vulnerability in device authentication of Cisco Unified Communications Manager CUCM could allow an unauthenticated, remote attacker to impact application response. The vulnerability is due to incomplete throttling of authentication requests. An attacker could exploit this vulnerability by sendi...

Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software

Cisco Unified Customer Voice Portal Software Unified CVP contains multiple vulnerabilities. Various components of Cisco Unified CVP are affected; see the "Details" section for more information on the vulnerabilities. These vulnerabilities can be exploited independently; however, more than one...

Cisco Adaptive Security Appliance Software and Firewall Services Module Software Secure Shell Denial of Service Vulnerability

A vulnerability in the implementation of the Secure Shell SSH function could allow an unauthenticated, remote attacker to deny SSH management access to legitimate users. The vulnerability is due to improper implementation of the logic to terminate SSH sessions. An attacker could exploit this...

Cisco Unified Presence Server Denial of Service Vulnerability

Cisco Unified Presence Server CUPS contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. Cisco has released software updates that address this vulnerability. A workaround is available to mitigate this...

Cisco Prime LAN Management Solution Command Execution Vulnerability

Cisco Prime LAN Management Solution LMS Virtual Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands with the privileges of the root user. The vulnerability is due to improper validation of authentication and authorization commands...

Cisco Wireless LAN Controller Cross-Site Request Forgery Vulnerability

Cisco Wireless LAN Controller WLC Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site request forgery attacks on a targeted system. The vulnerability is due to insufficient sanitization of user-supplied input processed by the WLC management...

Multiple Vulnerabilities in the Cisco WebEx Recording Format Player

The Cisco WebEx Recording Format WRF player contains six buffer overflow vulnerabilities. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user. The Cisco WebEx WRF Player is an application...

Cisco IOS Software Intrusion Prevention System Denial of Service Vulnerability

Cisco IOS Software contains a vulnerability in the Intrusion Prevention System IPS feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if specific Cisco IOS IPS configurations exist. Cisco has released software updates that address this...

Cisco Software Encryption Library Information Disclosure Vulnerability

Cisco software contains a vulnerability that could allow an unauthenticated, remote attacker to access sensitive information on a targeted system. The vulnerability is in the encryption library used by the vulnerable software. This library allows a portion of an encrypted packet to be sent...

Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability

Cisco ASA-CX Context-Aware Security appliance and Cisco Prime Security Manager PRSM contain a denial of service DoS vulnerability in versions prior to 9.0.2-103. Successful exploitation of this vulnerability on the Cisco ASA-CX could cause the device to stop processing user traffic and prevent...

Cisco IOS Software Reverse SSH Denial of Service Vulnerability

The Secure Shell SSH server implementation in Cisco IOS Software and Cisco IOS XE Software contains a denial of service DoS vulnerability in the SSH version 2 SSHv2 feature. An unauthenticated, remote attacker could exploit this vulnerability by attempting a reverse SSH login with a crafted...

Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cisco Secure Access Control System Password Modification Vulnerability

Cisco Secure Access Control System ACS contains a vulnerability that could allow an unauthenticated, remote attacker to modify user passwords. The vulnerability is due to improper security restrictions on user password change functions in the web-based management interface of the Cisco Secure ACS...

Management Center for Cisco Security Agent Remote Code Execution Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cisco IOS Software IPsec Vulnerability

A malformed Internet Key Exchange IKE packet may cause a device running Cisco IOS Software to reload. Only Cisco 7200 Series and Cisco 7301 routers running Cisco IOS software with a VPN Acceleration Module 2+ VAM2+ installed are affected. Cisco has released software updates that address this...

Multiple Vulnerabilities in Cisco Unified MeetingPlace

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cisco IOS Software Tunnels Vulnerability

Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service DoS attack if configured for IP tunnels and Cisco Express Forwarding. Cisco has released software updates that address this vulnerability. This advisory is posted at...

Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cisco Unified Communications Manager CAPF Denial of Service Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Denial of Service Vulnerabilities in Content Switching Module

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cisco Trust Agent Local Privilege Escalation Vulnerability

Cisco Trust Agent versions 2.1103 and prior contain a vulnerability when running on Apple Mac OS X that could allow an unauthenticated, local user to bypass security restrictions and gain unauthorized access to the affected system. This vulnerability exists due to improper display of user...

Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Multiple Vulnerabilities in 802.1X Supplicant

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Multiple Vulnerabilities in Cisco Security Monitoring, Analysis and Response System (CS-MARS)

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

SSL Certificate Validation Vulnerability in IDS Management Software

...

IPv6 Crafted Packet Vulnerability

Cisco Internetwork Operating System IOS® Software is vulnerable to a Denial of Service DoS and potentially an arbitrary code execution attack from a specifically crafted IPv6 packet. The packet must be sent from a local network segment. Only devices that have been explicitly configured to process...

Crafted Packet Causes Reload on Cisco Routers

...

Cisco Nexus Dashboard Fabric Controller Plug and Play Arbitrary File Read Vulnerability

A vulnerability in the Out-of-Band OOB Plug and Play PnP feature of Cisco Nexus Dashboard Fabric Controller NDFC could allow an unauthenticated, remote attacker to read arbitrary files. This vulnerability is due to an unauthenticated provisioning web server. An attacker could exploit this...

Cisco UCS 6400 and 6500 Series Fabric Interconnects Intersight Managed Mode Denial of Service Vulnerability

A vulnerability in system resource management in Cisco UCS 6400 and 6500 Series Fabric Interconnects that are in Intersight Managed Mode IMM could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the Device Console UI of an affected device. This vulnerabilit...

Cisco Unified Intelligence Center Insufficient Access Control Vulnerability

A vulnerability in the Live Data server of Cisco Unified Intelligence Center could allow an unauthenticated, local attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control implementations o...

ClamAV HFS+ File Scanning Infinite Loop Denial of Service Vulnerability

A vulnerability in the filesystem image parser for Hierarchical File System Plus HFS+ of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is...

Cisco Unified Communications Products Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified CM Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to...

Cisco Identity Services Engine Arbitrary File Delete and File Read Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about...

Cisco Identity Services Engine XML External Entity Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to read arbitrary files or conduct a server-side request forgery SSRF attack through an affected device. To exploit these vulnerabilities, an attacker...

Cisco Duo Authentication for macOS and Duo Authentication for Windows Logon Offline Credentials Replay Vulnerability

A vulnerability in the offline access mode of Cisco Duo Two-Factor Authentication for macOS and Duo Authentication for Windows Logon and RDP could allow an unauthenticated, physical attacker to replay valid user session credentials and gain unauthorized access to an affected macOS or Windows...

Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure Vulnerability

A vulnerability in the GRand Unified Bootloader GRUB for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary comman...

Cisco Firepower Threat Defense Software Privilege Escalation Vulnerability

A vulnerability in the management web server of Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an affected system. This vulnerability exists because access to HTTPS endpoints is not properly...

Cisco Network Convergence System 4000 Series TL1 Denial of Service Vulnerability

A vulnerability in the TL1 function of Cisco Network Convergence System NCS 4000 Series could allow an authenticated, local attacker to cause a memory leak in the TL1 process. This vulnerability is due to TL1 not freeing memory under some conditions. An attacker could exploit this vulnerability b...

ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: May 2022

On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus ClamAV versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of...

Cisco Firepower Management Center Software Information Disclosure Vulnerability

A vulnerability in the input protection mechanisms of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to view data without proper authorization. This vulnerability exists because of a protection mechanism that relies on the existence or values of a...

Cisco Enterprise Chat and Email Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Enterprise Chat and Email ECE could allow an unauthenticated, remote attacker to perform cross-site scripting XSS attacks, enumerate existing user accounts, and redirect a user to an undesired webpage. For more information...

Cisco Prime Access Registrar Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Access Registrar could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. This vulnerability exists because the web-based management interface does not sufficiently...

Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities

Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol ENIP traffic for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due to incomplete processing duri...

Cisco SD-WAN vManage Software Cypher Query Language Injection Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management...

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management...

Cisco SD-WAN vManage Software Privilege Escalation Vulnerability

A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system. The vulnerability is due to improper validation of path input to the system file transfer functions. An...

Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability

A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulnerability is due to insufficient TCP ingress packet rate...