Cisco IOS Command History Release at Login Prompt

...

Cisco IOS XE Software Internet Key Exchange Version 1 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 1 IKEv1 implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service DoS condition. The attacker must have valid IKEv1 VPN credentials to exploit this vulnerability. This vulnerability is du...

Cisco Catalyst Center Unauthenticated API Access Vulnerability

A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings. This vulnerability is due to the lack of authentication in an API endpoint. An attacker could...

Cisco Adaptive Security Appliance and Firepower Threat Defense Software IKEv2 VPN Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol for VPN termination of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected...

Cisco Secure Client Software Denial of Service Vulnerability

A vulnerability in Internet Key Exchange version 2 IKEv2 processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service DoS of Cisco Secure Client. This vulnerability is due to an integer underflow condition. An attacker could exploit this...

Cisco IOS XE Software for Wireless Controllers CWA Pre-Authentication ACL Bypass Vulnerability

A vulnerability in the Central Web Authentication CWA feature of Cisco IOS XE Software for Wireless Controllers could allow an unauthenticated, adjacent attacker to bypass the pre-authentication access control list ACL, which could allow access to network resources before user authentication. Thi...

Cisco Smart Licensing Utility Vulnerabilities

Multiple vulnerabilities in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to collect sensitive information or administer Cisco Smart Licensing Utility services on a system while the software is running. Cisco has released software updates that address these...

Cisco AppDynamics Network Visibility Service Denial of Service Vulnerability

A vulnerability in Cisco AppDynamics Network Visibility Agent could allow an unauthenticated, local attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to the inability to handle unexpected input. An attacker who has local device access could explo...

Cisco Crosswork Network Services Orchestrator Vulnerabilities

Multiple vulnerabilities in the Cisco Crosswork Network Services Orchestrator NSO CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root or elevate privileges to root on the underlying operating system. For more information about these...

Cisco Crosswork Network Services Orchestrator Privilege Escalation Vulnerability

A vulnerability in the Tail-f High Availability Cluster Communications HCC function pack of Cisco Crosswork Network Services Orchestrator NSO could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability exists because a user-controlled searc...

Cisco Unified Communications Manager IM & Presence Service Cross-Site Scripting Vulnerability

A vulnerability in the web-based interface of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against an authenticated user of the interface. This vulnerability exists because t...

Cisco IOS XR Software SSH Privilege Escalation Vulnerability

A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence System NCS 540 Series and 5700 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to...

Cisco AppDynamics Controller Path Traversal Vulnerability

A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this...

Cisco Identity Services Engine Device Credential Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to the improper storage of sensitive information within the web-based management interface. An...

Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. The...

Cisco Identity Services Engine Software Resource Exhaustion Vulnerability

A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine ISE Software could allow an unauthenticated, remote attacker to negatively affect the performance of an affected device. This vulnerability is due to insufficient management of system resources. An attack...

Cisco Duo for macOS Authentication Bypass Vulnerability

A vulnerability in the smart card login authentication of Cisco Duo for macOS could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability exists because the assigned user of a smart card is not properly matched with the authenticating user. An attacke...

Cisco Catalyst 9100 Series Access Points Association Request Denial of Service Vulnerability

A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points APs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient input validation of certain...

Cisco SD-WAN vManage Software Information Disclosure Vulnerability

A vulnerability in the History API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected system. This vulnerability is due to insufficient API authorization checking on the underlying operating system. An attacker cou...

Cisco Redundancy Configuration Manager for Cisco StarOS Software Multiple Vulnerabilities

Multiple vulnerabilities in Cisco Redundancy Configuration Manager RCM for Cisco StarOS Software could allow a unauthenticated, remote attacker to disclose sensitive information or execute arbitrary commands as the root user in the context of the configured container. For more information about...

Cisco SD-WAN vManage Software Directory Traversal Vulnerability

A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of directory traversal character sequences within requests to application...

Cisco Vision Dynamic Signage Director Missing Authentication Vulnerability

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to access confidential information or make configuration changes. The vulnerability is due to missing authentication for a specific section of the web-bas...

Cisco Firepower Management Center Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficien...

Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers DHCP Denial of Service Vulnerability

A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service DoS condition. The vulnerability is due to insufficient erro...

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability

A vulnerability in Simple Network Management Protocol SNMP trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload, causing a denial of...

Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability

A vulnerability in the Protocol Independent Multicast PIM feature for IPv6 networks PIM6 of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper error handling when processing...

Cisco Data Center Network Manager Path Traversal Vulnerability

A vulnerability in a certain REST API endpoint of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. The vulnerability is due to insufficient path restriction enforcement. An attacker could exploi...

Cisco UCS Director Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco UCS Director could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability exists because the web-based management interfa...

Cisco Data Center Network Manager Authentication Bypass Vulnerability

A vulnerability in the Device Manager application of Cisco Data Center Network Manager DCNM could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions on an affected device. The vulnerability is due to a failure in the software to perform proper...

Cisco Webex Meetings and Cisco Webex Meetings Server HTML Injection Vulnerability

A vulnerability in certain web pages of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to modify a web page in the context of a browser. The vulnerability is due to improper checks on parameter values within affected pages. An attacker could...

Cisco SD-WAN vManage Software XML External Entity Vulnerability

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity XXE entries when parsing certain XML...

Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Command Shell Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker to inject arbitrary shell commands that are executed by an affected device. The vulnerability is due to insufficient input...

Cisco IOS XE Software Web UI Command Injection Vulnerability

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device. The vulnerability is due to improper input sanitization. An attacker could exploit this...

Cisco AMP for Endpoints Mac Connector Software File Scan Denial of Service Vulnerability

A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP Connector and a denial of service DoS condition of the Cisco AMP for Endpoints service. The vulnerabili...

Cisco Content Security Management Appliance Open Redirect Vulnerabilities

Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of the parameters of an...

Cisco Hosted Collaboration Mediation Fulfillment XML External Expansion Vulnerability

A vulnerability in the web-based management interface of Cisco Hosted Collaboration Mediation Fulfillment HCM-F Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. To exploit this vulnerability, an attacker would need...

Cisco Firepower Management Center File Overwrite Vulnerability

A vulnerability in the web UI of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to overwrite files on the file system of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by...

Cisco Webex Meetings Client for MacOS Information Disclosure Vulnerability

A vulnerability in the multicast DNS mDNS protocol configuration of Cisco Webex Meetings Client for MacOS could allow an unauthenticated adjacent attacker to obtain sensitive information about the device on which the Webex client is running. The vulnerability exists because sensitive information ...

Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system OS. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerabilit...

Cisco UCS Manager Software Local Management CLI Command Injection Vulnerability

A vulnerability in the local management local-mgmt CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system OS on an affected device. The vulnerability is due to insufficient input validation of command...

Cisco Cloud Web Security SQL Injection Vulnerability

A vulnerability in the web UI of Cisco Cloud Web Security could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web-based management interface improperly validates SQL values. An authenticated attacker could exploit this vulnerability...

Cisco Enterprise NFV Infrastructure Software Remote Code Execution Vulnerability

A vulnerability in the upgrade component of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, local attacker to install a malicious file when upgrading. The vulnerability is due to insufficient signature validation. An attacker could exploit this vulnerability by...

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated remote attacker to conduct cross-site scripting attacks. The vulnerability is due to the improper validation of endpoint data stored in logs used by the web-based interface. An attacker could...

Cisco Finesse Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it handles requests. A...

Cisco Vision Dynamic Signage Director Authentication Bypass Vulnerability

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerabili...

Cisco Remote PHY IPv4 Fragment Denial of Service Vulnerability

A vulnerability in certain IPv4 fragment-processing functions of Cisco Remote PHY Software could allow an unauthenticated, remote attacker to impact traffic passing through a device, potentially causing a denial of service DoS condition. The vulnerability is due to the affected software not...

Cisco WebEx Recording Format Player Information Disclosure Vulnerability

A vulnerability in Cisco WebEx Recording Format WRF Player could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to a...

Cisco Application Policy Infrastructure Controller SSH Privilege Escalation Vulnerability

A vulnerability in Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to gain higher privileges than the account is assigned. The attacker will be granted the privileges of the last user to log in, regardless of whether those privileges are highe...

Cisco Ultra Services Framework AutoVNF Symbolic Link Handling Information Disclosure Vulnerability

A vulnerability in the symbolic link symlink creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive files or execute malicious code on an affected system. The vulnerability is due to the absence of...

Cisco IOS XR Software Local Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands on the host operating system with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending...