Cisco: Most viewed

5223 matches found

Cisco, added 2025/02/19 4:0 p.m., 21 views

Cisco Secure Email Gateway Email Filter Bypass Vulnerability

A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device. This vulnerability is due to improper handling of email...

CVSS 5.8, AI score 5.7, EPSS 0.00333
Exploits: 0, References: 1

Cisco, added 2025/01/22 4:0 p.m., 21 views

Cisco BroadWorks SIP Denial of Service Vulnerability

A vulnerability in the SIP processing subsystem of Cisco BroadWorks could allow an unauthenticated, remote attacker to halt the processing of incoming SIP requests, resulting in a denial of service (DoS) condition. This vulnerability is due to improper memory handling for certain SIP requests. An...

CVSS 7.5, AI score 7.6, EPSS 0.00794
Exploits: 0, References: 1

Cisco, added 2024/10/23 4:0 p.m., 21 views

Cisco Adaptive Security Appliance Software SSH Remote Command Injection Vulnerability

A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to execute operating system commands as root. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...

CVSS 9.9, AI score 9.8, EPSS 0.01158
Exploits: 0, References: 1

Cisco, added 2024/09/25 4:0 p.m., 21 views

Cisco IOS and IOS XE Software Resource Reservation Protocol Denial of Service Vulnerability

A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a buff...

CVSS 8.6, AI score 8.2, EPSS 0.00635
Exploits: 0, References: 1

Cisco, added 2024/04/03 4:0 p.m., 21 views

Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based...

CVSS 5.5, AI score 5.3, EPSS 0.0038
Exploits: 0, References: 1

Cisco, added 2024/04/03 4:0 p.m., 21 views

Cisco Nexus Dashboard Privilege Escalation Vulnerability

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this...

CVSS 6, AI score 6.1, EPSS 0.00168
Exploits: 0, References: 1

Cisco, added 2024/03/06 4:0 p.m., 21 views

Cisco Duo Authentication for Windows Logon and RDP Information Disclosure Vulnerability

A vulnerability in the logging component of Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of an unencrypted registry key in certain...

CVSS 4.4, AI score 4.7, EPSS 0.00109
Exploits: 0, References: 1

Cisco, added 2024/01/10 4:0 p.m., 21 views

Cisco BroadWorks Application Delivery Platform and Xtended Services Platform Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This...

CVSS 4.8, AI score 5.3, EPSS 0.00355
Exploits: 0, References: 1

Cisco, added 2023/08/30 4:0 p.m., 21 views

Cisco Unified Communications Products Privilege Escalation Vulnerability

A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to root on an affected...

CVSS 6.5, AI score 6.8, EPSS 0.00364
Exploits: 0, References: 1

Cisco, added 2023/08/16 4:0 p.m., 21 views

Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation by the operating system CLI. An attacker cou...

CVSS 5.5, AI score 5.5, EPSS 0.00304
Exploits: 2, References: 1

Cisco, added 2023/07/05 4:0 p.m., 21 views

Cisco ACI Multi-Site CloudSec Encryption Information Disclosure Vulnerability

A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, remote attacker to read or modify intersite encrypted traffic. This vulnerability is due to an issue with the implementation of the cipher...

CVSS 7.4, AI score 7.4, EPSS 0.0033
Exploits: 0, References: 1

Cisco, added 2023/07/05 4:0 p.m., 21 views

Cisco BroadWorks Privilege Escalation Vulnerability

A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted...

CVSS 6, AI score 6.2, EPSS 0.00192
Exploits: 0, References: 1

Cisco, added 2022/04/13 4:0 p.m., 21 views

Cisco SD-WAN vEdge Routers Denial of Service Vulnerability

A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device...

CVSS 5.5, AI score 5.3, EPSS 0.00194
Exploits: 0, References: 1

Cisco, added 2020/11/04 4:0 p.m., 21 views

Cisco SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root group on the underlying operating system. The vulnerability is due to incorrect permissions being set when the affected command is executed. An attacker could exploit this...

CVSS 7.8, AI score 7.8, EPSS 0.00283
Exploits: 0, References: 1

Cisco, added 2020/11/04 4:0 p.m., 21 views

Cisco SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient security controls on the CLI. An attacker could exploit this vulnerability by using an affected CLI...

CVSS 7.8, AI score 7.7, EPSS 0.00283
Exploits: 0, References: 1

Cisco, added 2020/10/07 4:0 p.m., 21 views

Cisco StarOS Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this...

CVSS 6.3, AI score 3, EPSS 0.00371
Exploits: 0, References: 1

Cisco, added 2020/08/19 4:0 p.m., 21 views

Cisco DNA Center Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco DNA Center software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerabilities exist because the web-based managemen...

CVSS 4.7, AI score 1.8, EPSS 0.00921
Exploits: 0, References: 1

Cisco, added 2020/08/05 4:0 p.m., 21 views

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

A vulnerability in the web UI of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The...

CVSS 6.1, AI score 1.5, EPSS 0.00833
Exploits: 0, References: 1

Cisco, added 2020/07/31 4:0 p.m., 21 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Trustpoint Configuration Defaults

Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software can be configured for certificate authentication in remote access VPN deployments. An external researcher has identified several misconfigured Cisco ASA and FTD Software remote access devices where the...

AI score 2.4
Exploits: 0, References: 1

Cisco, added 2020/07/15 4:0 p.m., 21 views

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied input in the...

CVSS 9.8, AI score 4.5, EPSS 0.05747
Exploits: 0, References: 1

Cisco, added 2020/07/15 4:0 p.m., 21 views

Cisco SD-WAN vManage Software Denial of Service Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to consume excessive system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability is due to inefficient memory management. An...

CVSS 6.5, AI score 2.1, EPSS 0.00932
Exploits: 0, References: 1

Cisco, added 2020/07/15 4:0 p.m., 21 views

Cisco SD-WAN vManage Software SQL Injection Vulnerability

A vulnerability in the web-based management interface for Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An...

CVSS 4.3, AI score 2.3, EPSS 0.00691
Exploits: 0, References: 1

Cisco, added 2020/07/01 4:0 p.m., 21 views

Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to...

CVSS 4.8, AI score 1.6, EPSS 0.00622
Exploits: 0, References: 1

Cisco, added 2020/06/03 4:0 p.m., 21 views

Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability

A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction...

CVSS 6.3, AI score 1.6, EPSS 0.00351
Exploits: 0, References: 1

Cisco, added 2020/03/18 4:0 p.m., 21 views

Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability

A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of...

CVSS 5.5, AI score 5, EPSS 0.00805
Exploits: 0, References: 1

Cisco, added 2020/03/04 4:0 p.m., 21 views

Cisco IOS XR Software IPsec Packet Processor Denial of Service Vulnerability

A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec packet processor. An...

CVSS 5.8, AI score 1.9, EPSS 0.01319
Exploits: 0, References: 1

Cisco, added 2020/03/04 4:0 p.m., 21 views

Cisco ESA, Cisco WSA, and Cisco SMA GUI Denial of Service Vulnerability

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device,...

CVSS 5.3, AI score 1.6, EPSS 0.01281
Exploits: 0, References: 1

Cisco, added 2020/02/26 4:0 p.m., 21 views

Cisco MDS 9000 Series Switches Denial of Service Vulnerability

A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource usage control. An...

CVSS 8.6, AI score 1.2, EPSS 0.01631
Exploits: 0, References: 1

Cisco, added 2020/01/22 4:0 p.m., 21 views

Cisco SD-WAN Solution SQL Injection Vulnerability

A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could...

CVSS 6.4, AI score 2.3, EPSS 0.00725
Exploits: 0, References: 1

Cisco, added 2020/01/22 4:0 p.m., 21 views

Cisco Web Security Appliance and Cisco Content Security Management Appliance HTTP Header Injection Vulnerability

A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient...

CVSS 4.7, AI score 2.6, EPSS 0.00929
Exploits: 0, References: 1

Cisco, added 2018/05/02 4:0 p.m., 21 views

Cisco Firepower System Software Transport Layer Security Extensions Denial of Service Vulnerability

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition. The vulnerability is due to the incorrect...

CVSS 5.8, AI score 1.3, EPSS 0.01454
Exploits: 0, References: 1

Cisco, added 2017/09/06 4:0 p.m., 21 views

Cisco Prime Collaboration Provisioning Tool System File Overwrite Vulnerability

A vulnerability in the batch provisioning feature in Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to overwrite system files as root. The vulnerability is due to lack of input validation of the parameters in BatchFileName and Directory. An attacker coul...

CVSS 6.5, AI score 6.5, EPSS 0.01921
Exploits: 0, References: 1

Cisco, added 2017/08/16 4:0 p.m., 21 views

Cisco Unified Communications Manager Horizontal Privilege Escalation Vulnerability

A vulnerability in configuration modification permissions validation for Cisco Unified Communications Manager could allow an authenticated, remote attacker to perform a horizontal privilege escalation where one user can modify another user's configuration. The vulnerability is due to lack of prop...

CVSS 4.3, AI score 4.8, EPSS 0.01581
Exploits: 0, References: 1

Cisco, added 2017/07/05 4:0 p.m., 21 views

Cisco IOS XR Software Multicast Source Discovery Protocol Session Denial of Service Vulnerability

A vulnerability in Multicast Source Discovery Protocol (MSDP) ingress packet processing for Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the MSDP session to be unexpectedly reset, causing a short denial of service (DoS) condition. The MSDP session will restart within...

CVSS 5.8, AI score 7.6, EPSS 0.01589
Exploits: 0, References: 1

Cisco, added 2017/06/21 4:0 p.m., 21 views

Cisco Prime Infrastructure and Evolved Programmable Network Manager DOM Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a Document Object Model (DOM) based environment or client-side cross-site scripting (XSS) attack against a us...

CVSS 4.7, AI score 6, EPSS 0.0128
Exploits: 2, References: 1

Cisco, added 2017/06/21 4:0 p.m., 21 views

Cisco Wide Area Application Services TCP Fragment Denial of Service Vulnerability

A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause the WAASNET process to restart unexpectedly, causing a denial of service (DoS) condition. The vulnerability is due to incomplete...

CVSS 5.8, AI score 5.5, EPSS 0.02197
Exploits: 0, References: 1

Cisco, added 2017/06/07 4:0 p.m., 21 views

Cisco Network Convergence System 5500 Series Routers Local Denial of Service Vulnerability

A vulnerability in the forwarding component of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an authenticated, local attacker to cause the router to stop forwarding data traffic across Traffic Engineering (TE) tunnels, resulting in a denial of servic...

CVSS 6, AI score 5.8, EPSS 0.00323
Exploits: 0, References: 1

Cisco, added 2017/05/17 4:0 p.m., 21 views

Cisco Remote Expert Manager Information Disclosure Vulnerability

A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding t...

CVSS 4.3, AI score 5.3, EPSS 0.02663
Exploits: 0, References: 1

Cisco, added 2017/05/17 4:0 p.m., 21 views

Cisco Prime Collaboration Provisioning Directory Traversal Information Disclosure Vulnerability

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to view any file on an affected system. The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails ...

CVSS 6.5, AI score 6.4, EPSS 0.05883
Exploits: 0, References: 1

Cisco, added 2017/05/17 4:0 p.m., 21 views

Cisco Remote Expert Manager Order Information Disclosure Vulnerability

A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding t...

CVSS 4.3, AI score 5.3, EPSS 0.02663
Exploits: 0, References: 1

Cisco, added 2017/03/15 4:0 p.m., 21 views

Cisco UCS Director Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation ...

CVSS 5.8, AI score 6, EPSS 0.01228
Exploits: 0, References: 1

Cisco, added 2017/03/01 4:0 p.m., 21 views

Cisco NetFlow Generation Appliance Stream Control Transmission Protocol Denial of Service Vulnerability

A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service (DoS) condition. The vulnerability is due to...

CVSS 7.5, AI score 7.7, EPSS 0.01697
Exploits: 0, References: 1

Cisco, added 2017/02/01 4:0 p.m., 21 views

Cisco Prime Home Authentication Bypass Vulnerability

A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges. The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could...

CVSS 10, AI score 9.9, EPSS 0.04107
Exploits: 0, References: 1

Cisco, added 2017/01/18 4:0 p.m., 21 views

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to mount XSS attacks against a user of an affected device. The vulnerability is due to a failure to properly call XS...

CVSS 6.1, AI score 6, EPSS 0.01132
Exploits: 0, References: 1

Cisco, added 2017/01/18 4:0 p.m., 21 views

Cisco IOS and Cisco IOx Software Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco IOS and Cisco IOx Software could allow an unauthenticated, remote attacker to view confidential information that is displayed without authenticating to the device. The vulnerability is due to lack of proper input validation of the...

CVSS 5.3, AI score 5.1, EPSS 0.01584
Exploits: 0, References: 1

Cisco, added 2017/01/18 4:0 p.m., 21 views

Cisco WebEx Meetings Server Information Disclosure Vulnerability

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view the fully qualified domain name of the Cisco WebEx administration server. The vulnerability is due to insufficient masking of sensitive data in the HTTP response. An attacker could exploit this...

CVSS 5.3, AI score 5.2, EPSS 0.01584
Exploits: 0, References: 1

Cisco, added 2017/01/18 4:0 p.m., 21 views

Cisco Mobility Express 2800 and 3800 Denial of Service Vulnerability

A vulnerability in 802.11 ingress connection authentication handling for the Cisco Mobility Express 2800 and 3800 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause authentication to fail. The vulnerability is due to improper error handling for 802.11 authentication...

CVSS 4.3, AI score 4.7, EPSS 0.00544
Exploits: 0, References: 1

Cisco, added 2016/12/21 4:0 p.m., 21 views

Cisco CloudCenter Orchestrator Docker Engine Privilege Escalation Vulnerability

A vulnerability in the Docker Engine configuration of Cisco CloudCenter Orchestrator (CCO; formerly CliQr) could allow an unauthenticated, remote attacker to install Docker containers with high privileges on the affected system. The vulnerability is due to a misconfiguration that causes the Docker...

CVSS 9.3, AI score 9.7, EPSS 0.02927
Exploits: 0, References: 1

Cisco, added 2016/10/26 4:0 p.m., 21 views

Cisco Email Security Appliance Corrupted Attachment Fields Denial of Service Vulnerability

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. The vulnerabili...

CVSS 7.8, AI score 7.6, EPSS 0.02995
Exploits: 0, References: 1

Cisco, added 2016/10/26 4:0 p.m., 21 views

Cisco Email Security Appliance Malformed DGN File Attachment Denial of Service Vulnerability

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the message filtering feature of...

CVSS 7.8, AI score 7.5, EPSS 0.03021
Exploits: 0, References: 1

Total number of security vulnerabilities: 5000