Lucene search
K
CiscoMost viewed

5224 matches found

Cisco
Cisco
added 2014/07/28 8:0 p.m.24 views

Cisco WebEx Meetings Server OutlookAction Class Vulnerability

A vulnerability in the OutlookAction Class of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to enumerate valid user accounts. The vulnerability is due to improper sanitization of a returned message. An attacker could exploit this vulnerability by sending crafted URL...

5CVSS6.3AI score0.01794EPSS
Exploits0References1
Cisco
Cisco
added 2014/07/25 2:29 p.m.24 views

Cisco WebEx Meetings Server Stack Trace Vulnerability

A vulnerability in the ProfileAction controller of Cisco WebEx Meetings Server CWMS could allow an unauthenticated, remote attacker to view sensitive information. The vulnerability is due to improper sanitization of returned messages. An attacker could exploit this vulnerability by submitting...

5CVSS6.3AI score0.01846EPSS
Exploits0References1
Cisco
Cisco
added 2014/07/11 8:24 p.m.24 views

Cisco Adaptive Security Appliance Software Filter and Inspect Overlap Denial of Service Vulnerability

A vulnerability in the inspection and filter features of the Cisco Adaptive Security Appliance ASA could allow an unauthenticated, remote attacker to cause the affected system to reload. The vulnerability is due to an internal traffic loop condition that can be triggered when a received packet is...

5.4CVSS2.4AI score0.02119EPSS
Exploits0References1
Cisco
Cisco
added 2014/07/07 8:45 p.m.24 views

Cisco Intelligent Automation for Cloud Form Data Viewer Utility Vulnerability

A vulnerability in the Form Data Viewer utility of Cisco Intelligent Automation for Cloud could allow an authenticated, remote attacker to view passwords of provisioned systems. The vulnerability is due to the inclusion of passwords in the form data. An attacker could exploit this vulnerability b...

4CVSS6.3AI score0.01638EPSS
Exploits0References1
Cisco
Cisco
added 2014/06/20 2:59 p.m.24 views

Cisco WebEx Meeting Server Sensitive Information Disclosure Vulnerability

A vulnerability in the XML programmatic interface XML PI of Cisco WebEx Meeting Server could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to disclosure of the meeting information. An attacker could exploit this vulnerability by sending a crafte...

4CVSS6.3AI score0.01299EPSS
Exploits0References1
Cisco
Cisco
added 2014/06/11 6:29 p.m.24 views

Cisco NX-OS Software HSRP Authentication Denial of Service Vulnerability

A vulnerability in Hot Standby Router Protocol HSRP authentication in the Cisco Nexus series could allow an unauthenticated, adjacent attacker to affect the state of HSRP group members and cause black holing of traffic. The vulnerability is due to incorrect parsing of malformed HSRP packets. An...

4.8CVSS6.5AI score0.01117EPSS
Exploits0References1
Cisco
Cisco
added 2014/04/29 6:29 p.m.24 views

Cisco Unified Communications Manager Sensitive Information Disclosure Vulnerability

A vulnerability in Cisco IP Manager Assistant IPMA of Cisco Unified Communications Manager Cisco Unified CM could allow an unauthenticated, remote attacker to access sensitive information on the affected device. The vulnerability is due to improper validation of user input. An attacker could...

5CVSS6.2AI score0.01186EPSS
Exploits0References1
Cisco
Cisco
added 2014/02/19 8:17 p.m.24 views

Cisco Unified Communications Manager IPMA Reflected Cross-Site Scripting Vulnerability

A vulnerability in the Cisco IP Manager Assistant IPMA interface of Cisco Unified Communications Manager Cisco Unified CM could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface on the affected system. The vulnerability is d...

4.3CVSS5.8AI score0.01792EPSS
Exploits1References1
Cisco
Cisco
added 2014/02/03 6:17 p.m.24 views

Cisco Unified Communications Manager Operating System-Level Privilege Escalation Vulnerability

A vulnerability in underlying file permissions of specific operating system-level commands of Cisco Unified Communications Manager Cisco Unified CM could allow an authenticated, local attacker to gain elevated privileges. The vulnerability is due to insufficient file permissions. An attacker coul...

6CVSS6.6AI score0.00307EPSS
Exploits0References1
Cisco
Cisco
added 2014/01/22 6:58 p.m.24 views

Cisco MediaSense Open Redirection Vulnerability

A vulnerability in a specific URL parameter of Cisco MediaSense could allow an unauthenticated, remote attacker to perform site redirection. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including a desired remote site URL in the affect...

4.3CVSS6.5AI score0.02271EPSS
Exploits0References1
Cisco
Cisco
added 2014/01/10 3:54 p.m.24 views

Cisco Secure Access Control System Cross-Site Scripting Vulnerability

A vulnerability in Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to insufficient input validation of a parameter. An attacke...

4.3CVSS2.5AI score0.01445EPSS
Exploits0References1
Cisco
Cisco
added 2013/11/22 5:52 p.m.24 views

Cisco IOS Software ICMP Processing Denial of Service Vulnerability

A vulnerability in IPSec tunnel implementation of Cisco IOS Software could allow an unauthenticated, remote attacker to change the tunnel MTU or path MTU and potentially cause IPSec tunnels to drop. The vulnerability is due to incorrect processing of certain ICMP packets. An attacker could exploi...

4.3CVSS2.4AI score0.01084EPSS
Exploits0References1
Cisco
Cisco
added 2013/11/21 8:25 p.m.24 views

Cisco IOS Software MLDP Denial of Service Vulnerability

A vulnerability in MLDP processing of Cisco IOS Software on Cisco 7600 Series routers could allow an unauthenticated, remote attacker to cause a reload of the affected device, which could lead to a denial of service DoS condition. The vulnerability is due to chunk corruption when MLDP and a large...

5.4CVSS2.1AI score0.01127EPSS
Exploits0References1
Cisco
Cisco
added 2013/11/21 8:14 p.m.24 views

Cisco IOS XE Software AAA DHCP Denial of Service Vulnerability

A vulnerability in a DHCP function that assigns IP addresses to AAA clients on Cisco IOS XE Software could allow an authenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to improper processing of AAA packets that require IP address assignment from a DHC...

6.3CVSS2.4AI score0.00937EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/30 4:43 p.m.24 views

Cisco Unified Communications Manager Denial of Service Vulnerability

A vulnerability in Cisco Unified Communications Manager Unified CM could allow an unauthenticated, remote attacker to create a denial of service DoS condition. The vulnerability is due to improper parsing of a SIP message. An attacker could exploit this vulnerability by sending a specific SIP...

4.3CVSS1.4AI score0.01084EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/11 3:9 p.m.24 views

Cisco Unified IP Phones 9900 Series Image Upgrade Command Injection Vulnerability

A vulnerability in the image upgrade facility of Cisco Unified IP Phones 9900 Series could allow an authenticated, local attacker to execute commands within the context of the underlying operating system. The vulnerability is due to insufficient sanitization of input during the image upgrade...

6CVSS1.2AI score0.00274EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/09 6:42 p.m.24 views

Cisco IOS Software DHCP Server remember Functionality Vulnerability

An issue in the DHCP server code of Cisco IOS Software could allow an unauthenticated, adjacent attacker to cause the device to reload. The issue is due to the remember functionality of the DHCP server. An attacker could exploit this issue by obtaining a lease and then releasing it. An exploit...

5.7CVSS2.2AI score0.00512EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/09 4:14 p.m.24 views

Cisco Firewall Services Module Command Authorization Vulnerability

A vulnerability in the authorization code of the Cisco Firewall Services Module FWSM could allow an authenticated but unprivileged, local attacker to delete, modify, or view the configuration of any other context of the affected system. The vulnerability is due to insufficient authorization...

6.8CVSS3.5AI score0.00283EPSS
Exploits0References1
Cisco
Cisco
added 2013/10/07 6:25 p.m.24 views

Cisco NX-OS Software Routing Information Protocol Denial of Service Vulnerability

A vulnerability in the Routing Information Protocol RIP service engine of Cisco NX-OS Software could allow an unauthenticated, remote attacker to create a denial of service DoS condition by causing the RIP service engine to restart. The vulnerability is due to improper input filtering of RIP...

5CVSS1.9AI score0.02999EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/30 8:41 p.m.24 views

Cisco TelePresence Multipoint Switch Media Snapshot Denial of Service Vulnerability

A vulnerability in the Media Snapshot code of Cisco TelePresence Multipoint Switch CTMS could allow an authenticated, remote attacker to cause the reload of the affected system, creating a denial of service DoS condition. The vulnerability is due to a failure in handling requests for Media Snapsh...

6.3CVSS2AI score0.01832EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/25 4:0 p.m.24 views

Cisco IOS Software Zone-Based Firewall and Content Filtering Vulnerability

A vulnerability in the Zone-Based Firewall ZBFW component of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to hang or reload. The vulnerability is due to improper processing of specific HTTP packets when the device is configured for either Cisco IO...

7.8CVSS6.8AI score0.0194EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/24 8:20 p.m.24 views

Cisco Unified Computing System Fabric Interconnect Devices Arbitrary Command Execution Vulnerability

A vulnerability in the initial setup script of Cisco Unified Computing System fabric interconnect FI devices could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to unfiltered input in the cluster initial...

5.1CVSS3AI score0.01944EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/19 5:8 p.m.24 views

Cisco Unified Computing System Cisco Management Controller Command Injection Vulnerability

A vulnerability in the Cisco Management Controller of the Cisco Unified Computing System could allow an authenticated, local attacker to execute commands on the underlying operation system with elevated privileges. The vulnerability is due to improper parameter input validation. An attacker could...

6.8CVSS3.2AI score0.00345EPSS
Exploits0References1
Cisco
Cisco
added 2013/08/21 4:0 p.m.24 views

Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability

Cisco Unified Communications Manager IM and Presence Service contains a denial of service DoS vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. Exploitation of this vulnerability could cause an interruption of presence services. Cisco h...

7.8CVSS6.5AI score0.01887EPSS
Exploits0References1
Cisco
Cisco
added 2013/08/07 4:0 p.m.24 views

Cisco TelePresence System Default Credentials Vulnerability

A vulnerability in Cisco TelePresence System could allow a remote attacker to access the web server via a user account that is created with default credentials. The vulnerability is due to a default user account being created at installation time. An attacker could exploit this vulnerability by...

10CVSS6.4AI score0.02096EPSS
Exploits0References1
Cisco
Cisco
added 2013/07/31 4:0 p.m.24 views

Cisco WAAS Central Manager Remote Code Execution Vulnerability

Cisco Wide Area Application Services WAAS when configured as Central Manager CM, contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the affected system. Cisco has released software updates that address this vulnerability. Workarounds that...

10CVSS7.4AI score0.06002EPSS
Exploits0References1
Cisco
Cisco
added 2013/07/25 1:23 p.m.24 views

Cisco ASA Software Cross-Site Scripting Vulnerability

A vulnerability in the WebVPN portal login page of the Cisco ASA could allow an unauthenticated, remote attacker to execute cross-site scripting XSS attacks or hijack user sessions. The vulnerability is due to a failure to properly validate user-supplied input in the WebVPN portal login page. An...

4.3CVSS0.9AI score0.02102EPSS
Exploits0References1
Cisco
Cisco
added 2013/07/19 7:32 p.m.24 views

Cisco Unified IP Conference Station 7937G Denial of Service Vulnerability

A vulnerability in processing network traffic of the Cisco Unified IP Conference Station 7937G could allow an unauthenticated, remote attacker to create a denial of service DoS condition on the affected device. The vulnerability is due to resource constraints in processing a high rate of network...

5CVSS1.7AI score0.01553EPSS
Exploits0References1
Cisco
Cisco
added 2013/07/15 3:26 p.m.24 views

Cisco Secure Access Control System Cross-Site Scripting Vulnerability

A vulnerability in the web interface of Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to insufficient input validation of a...

4.3CVSS1.4AI score0.00931EPSS
Exploits0References1
Cisco
Cisco
added 2013/07/10 2:15 p.m.24 views

Cisco Unified Communications Management Products Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco unified communications management products could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface on the affected system. The vulnerability is due to insufficient input validati...

4.3CVSS1.3AI score0.01148EPSS
Exploits0References1
Cisco
Cisco
added 2013/06/26 7:56 p.m.24 views

Cisco Unified Communications Manager Unified Serviceability CSRF Vulnerability

A vulnerability in the Cisco Unified Serviceability component of Cisco Unified Communications Manager CUCM could allow an unauthenticated, remote attacker to perform a cross-site request forgery CSRF attack. The vulnerability is due to insufficient CSRF protections. An attacker could exploit this...

4.3CVSS3AI score0.00576EPSS
Exploits0References1
Cisco
Cisco
added 2013/06/13 4:39 p.m.24 views

Cisco Video Surveillance Operations Manager Help Page Redirect Vulnerability

A vulnerability in the help page of the Cisco Video Surveillance Operations Manager could allow an unauthenticated, remote attacker to load remote web pages on a victim's web browser. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...

4.3CVSS2.6AI score0.00958EPSS
Exploits0References1
Cisco
Cisco
added 2013/04/12 6:27 p.m.24 views

Cisco Jabber Extensible Communications Platform Connection Manager Vulnerability

A vulnerability in the Connection Manager component of Cisco Jabber Extensible Communications Platform Jabber XCP could allow an unauthenticated, remote attacker to crash the login connection manager service. The vulnerability is due to insufficient checking of received login data. An attacker...

5CVSS1.2AI score0.01232EPSS
Exploits0References1
Cisco
Cisco
added 2013/04/06 7:38 p.m.24 views

Cisco Tivoli Business Service Manager Denial of Service Vulnerability

Cisco Tivoli Business Service Manager TBSM, which is part of Cisco Hosted Collaboration Mediation HCM, contains a vulnerability that could allow an unauthenticated, remote attacker to cause a partial denial of service DoS. An attacker could exploit this vulnerability by sending a flood of TCP...

5CVSS2.3AI score0.01232EPSS
Exploits0References1
Cisco
Cisco
added 2013/01/16 4:0 p.m.24 views

Cisco ASA 1000V Cloud Firewall H.323 Inspection Denial of Service Vulnerability

A vulnerability in Cisco Adaptive Security Appliance ASA Software for the Cisco ASA 1000V Cloud Firewall may cause the Cisco ASA 1000V to reload after processing a malformed H.323 message. Cisco ASA 1000V Cloud Firewall is affected when H.323 inspection is enabled. Cisco has released software...

7.8CVSS6.3AI score0.0133EPSS
Exploits0References1
Cisco
Cisco
added 2012/08/10 9:56 p.m.24 views

Cisco IP Communicator Certificate Trust List Man-in-the-Middle Attack Vulnerability

Cisco IP Communicator contains a vulnerability that could allow an unauthenticated, remote attacker to conduct man-in-the-middle attacks on a targeted system. The vulnerability is due insufficient validation of signing certificates in the Certificate Trust List which have been accepted by end...

6.8CVSS3.1AI score0.00519EPSS
Exploits0References1
Cisco
Cisco
added 2012/06/20 5:19 p.m.24 views

Cisco AnyConnect Secure Mobility Client and Secure Desktop WebLaunch Software Downgrade Vulnerability

Cisco AnyConnect Secure Mobility Client and Secure Desktop contain a vulnerability that could allow an unauthenticated, remote attacker to replace software components on a targeted system. The vulnerability exists because the affected software performs insufficient validation of user-supplied...

4.3CVSS6.5AI score0.01401EPSS
Exploits0References1
Cisco
Cisco
added 2012/06/20 5:16 p.m.24 views

Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability

Cisco AnyConnect Secure Mobility Client contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. The vulnerability is due to insufficient validation of user-supplied input that is received by the 64-bit Java applet that perfor...

6.8CVSS7.2AI score0.02035EPSS
Exploits0References1
Cisco
Cisco
added 2011/05/18 1:28 p.m.24 views

Cisco Unified Operations Manager Multiple Cross-Site Scripting Vulnerabilities

Cisco Unified Operations Manager contains multiple cross-site scripting vulnerabilities that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to insufficient validation of user-supplied input to certain scripts that make up the...

4.3CVSS6.2AI score0.21464EPSS
Exploits6References1
Cisco
Cisco
added 2011/04/27 3:10 p.m.24 views

Cisco Unified Communications Manager Potential SQL Injection Vulnerability

Cisco Unified Communications Manager contains a vulnerability that could allow an unauthenticated, remote attacker to conduct SQL injection on a vulnerable system. The vulnerability is in a JavaServer Pages JSP script due to insufficient checks on user-supplied input. An unauthenticated, remote...

6.4CVSS7.4AI score0.24822EPSS
Exploits1References1
Cisco
Cisco
added 2010/08/04 4:0 p.m.24 views

Multiple Vulnerabilities in Cisco Firewall Services Module

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS5.9AI score0.0122EPSS
Exploits0References1
Cisco
Cisco
added 2009/06/24 4:11 p.m.24 views

Cisco ASA Adaptive Security Appliance Software Clientless SSL VPN Rot13-Encoded Cross-Site Scripting Vulnerability

Cisco ASA Adaptive Security Appliance Software versions prior to 8.0.434, 8.1.225, and 8.2.13 that have been configured to accept Clientless SSL VPN connections contain a cross-site scripting vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary script or HTML co...

4.3CVSS6.4AI score0.01984EPSS
Exploits1References1
Cisco
Cisco
added 2008/05/21 4:0 p.m.24 views

Cisco Service Control Engine Denial of Service Vulnerabilities

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS6AI score
Exploits0References1
Cisco
Cisco
added 2007/12/05 4:0 p.m.24 views

Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

10CVSS6AI score
Exploits0References1
Cisco
Cisco
added 2007/04/12 4:0 p.m.24 views

Multiple Vulnerabilities in the Cisco Wireless Control System

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS6.1AI score0.01743EPSS
Exploits0References1
Cisco
Cisco
added 2007/02/28 12:0 a.m.24 views

Cisco Catalyst 6000, 6500 and Cisco 7600 Series MPLS Packet Vulnerability

Cisco Catalyst 6500 series systems that are running certain versions of Cisco Internetwork Operating System IOS are vulnerable to an attack from a Multi Protocol Label Switching MPLS packet. Only the systems that are running in Hybrid Mode Catalyst OS CatOS software on the Supervisor Engine and I...

6.1CVSS6.1AI score0.01036EPSS
Exploits0References1
Cisco
Cisco
added 2007/02/14 8:38 p.m.24 views

Cisco Firewall Services Module HTTPS Request Denial of Service Vulnerability

Cisco Firewall Services Module versions prior to 3.13.18 contain a vulnerability that could allow an unauthenticated, remote attacker to create a temporary denial of service DoS condition. The vulnerability is due to an error when handling malformed HTTPS requests on devices that are configured t...

5.4CVSS6.6AI score0.01493EPSS
Exploits0References1
Cisco
Cisco
added 2006/09/20 4:0 p.m.24 views

Cisco Intrusion Prevention System Management Interface Denial of Service and Fragmented Packet Evasion Vulnerabilities

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

5CVSS6.3AI score0.03511EPSS
Exploits0References1
Cisco
Cisco
added 2002/03/27 5:0 p.m.24 views

LDAP Connection Leak in CTI when User Authentication Fails

...

5CVSS1.7AI score0.01771EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2002/02/27 4:0 p.m.24 views

Data Leak with Cisco Express Forwarding Enabled

...

5CVSS1.9AI score0.01781EPSS
Exploits0References1
Total number of security vulnerabilities5000