Cisco - Page 88 of Cisco Most Viewed Vulnerabilities List | Vulners.com

CiscoMost viewed

Recent Most viewed

5224 matches found

Cisco•added 2013/07/17 4:20 p.m.•22 views

Cisco Unified Communications Manager Blind SQL Injection Vulnerability

A vulnerability in Cisco Unified Communication Manager Unified CM could allow an authenticated, remote attacker to execute a blind Structured Query Language SQL injection. The vulnerability is due to improper validation of user-supplied requests by the Cisco Unified CM. An attacker could exploit...

5.5CVSS2.1AI score0.00961EPSS

Exploits0References1

Cisco•added 2013/07/11 8:14 p.m.•22 views

Cisco Unified Communications Domain Manager Cross-Site Scripting Vulnerability

A vulnerability in the IptAccountMgmt, IptFeatureDisplayPolicyMgmt, IptFeatureConfigTemplateMgmt, and IptProviderMgmt pages of the Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack. The vulnerability is due to...

4.3CVSS1AI score0.00942EPSS

Exploits0References1

Cisco•added 2013/07/10 1:57 p.m.•22 views

Cisco Virtualization Experience Client Privilege Escalation Vulnerability

A vulnerability in the function handling the operating system permissions of Cisco Virtualization Experience Client 6000 Series could allow an authenticated, local attacker to take full control of the affected system. The vulnerability is due to improper implementation of the permissions for the...

6.8CVSS2.8AI score0.00335EPSS

Exploits0References1

Cisco•added 2013/06/17 8:16 p.m.•22 views

Cisco ASA-CX TCP Traffic Denial of Service Vulnerability

A vulnerability processing TCP traffic on Cisco ASA CX could allow an unauthenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to invalid parsing of TCP packet data forwarded to Cisco ASA CX by the Cisco ASA. An attacker could exploit this vulnerability ...

5.4CVSS3AI score0.0133EPSS

Exploits0References1

Cisco•added 2013/06/05 6:25 p.m.•22 views

Cisco WebEx Meetings Server Information Disclosure Vulnerability

A vulnerability in the Cisco WebEx Event Center module of the Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to gather event passwords and host keys. The vulnerability is due to a failure to authenticate some user requests. An attacker could exploit this vulnerability...

4.3CVSS1.8AI score0.018EPSS

Exploits1References1

Cisco•added 2013/04/29 8:32 p.m.•22 views

Cisco Nexus 7000 Frame Forwarding Loop Denial of Service Vulnerability

Cisco NX-OS Software running on Nexus 7000 Series Switches contains a vulnerability that could allow an unauthenticated, remote attacker with access to an adjacent network to cause a denial of service DoS condition. The vulnerability is due to mishandling of a specific type of nonstandard Etherne...

6.1CVSS2.2AI score0.00563EPSS

Exploits0References1

Cisco•added 2013/04/29 8:28 p.m.•22 views

Cisco IPS SensorApp Regex Processing Denial of Service Vulnerability

Cisco Intrusion Prevention System IPS SensorApp contains a vulnerability that could allow a local attacker to cause a denial of service DoS condition. The vulnerability is due to a job failure in the Regex hardware when processing the control transaction getENGVirtualSensorStatistics. A local...

4.4CVSS1AI score0.00247EPSS

Exploits0References1

Cisco•added 2013/04/22 7:37 p.m.•22 views

Cisco Adaptive Security Appliance Software and Firewall Services Module Software Time-Range Object Access List Bypass Vulnerability

A vulnerability in the implementation of the time-range object could allow an unauthenticated, remote attacker to bypass access lists that are using the time-range option. The vulnerability is due to improper implementation of the code for the time-range object, when the periodic command is used...

5CVSS2.1AI score0.01247EPSS

Exploits0References1

Cisco•added 2013/04/17 4:0 p.m.•22 views

Cisco TelePresence Infrastructure Denial of Service Vulnerability

Cisco TelePresence multipoint control unit MCU and Cisco TelePresence Server contain a vulnerability that could allow an unauthenticated, remote attacker to trigger the reload of an affected system. Cisco has released software updates that address this vulnerability. Workarounds that mitigate thi...

7.1CVSS6.5AI score0.01169EPSS

Exploits0References1

Cisco•added 2013/04/11 8:0 p.m.•22 views

Cisco Host Scan Component of AnyConnect Secure Mobility and Secure Desktop Privilege Elevation Vulnerability

The Cisco Host Scan component of Cisco AnyConnect Secure Mobility and Cisco Secure Desktop contains multiple vulnerabilities that could allow a local, unprivileged user to elevate privileges to those of SYSTEM. Cisco has confirmed the vulnerability in a security notice and software updates are...

6.6CVSS2AI score0.00326EPSS

Exploits0References1

Cisco•added 2013/03/19 2:50 p.m.•22 views

Cisco Jabber IM for Android Denial of Service Vulnerability

A vulnerability in the XML parser of Cisco Jabber IM for Android could allow an authenticated, remote attacker to prevent the client to connect, causing a denial of service condition. The vulnerability is due to insufficient validation of crafted Extensible Messaging and Presence Protocol XMPP...

6.3CVSS2.5AI score0.00933EPSS

Exploits0References1

Cisco•added 2013/03/06 6:23 p.m.•22 views

Cisco Small Business Switches SSH Packet Processing Denial of Service Vulnerability

Cisco Small Business Switches contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition to features that rely on SSH or SSL protocols. The vulnerability is due to the processing flaw in malformed packets in the code used by SSH and SSL...

5CVSS0.8AI score0.01553EPSS

Exploits0References1

Cisco•added 2013/02/11 3:39 p.m.•22 views

Cisco NAC Appliance Cross-Site Scripting Vulnerability

Cisco NAC Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to insufficient validation of user-supplied input processed by the affected software. An unauthenticated, remote attacker could explo...

4.3CVSS2.5AI score0.00967EPSS

Exploits0References1

Cisco•added 2013/01/09 4:10 p.m.•22 views

Cisco Unified IP Phones Local Kernel System Call Input Validation Vulnerability

Cisco Unified IP Phones 7900 Series versions 9.31SR1 and prior contain an arbitrary code execution vulnerability that could allow a local attacker to execute code or modify arbitrary memory with elevated privileges. This vulnerability is due to a failure to properly validate input passed to kerne...

6.8CVSS2.4AI score0.004EPSS

Exploits0References1

Cisco•added 2012/09/26 4:0 p.m.•22 views

Cisco IOS Software DHCP Denial of Service Vulnerability

Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. An attacker could exploit this vulnerability by sending a single DHCP packet to or through an affected device, causing the device to reload. Cisco has...

7.8CVSS6.9AI score0.01557EPSS

Exploits0References1

Cisco•added 2012/09/12 4:0 p.m.•22 views

Cisco Unified Presence and Jabber Extensible Communications Platform Stream Header Denial of Service Vulnerability

A denial of service DoS vulnerability exists in Cisco Unified Presence and Jabber Extensible Communications Platform Jabber XCP. An unauthenticated, remote attacker could exploit this vulnerability by sending a specially crafted Extensible Messaging and Presence Protocol XMPP stream header to an...

7.8CVSS6.4AI score0.02774EPSS

Exploits0References1

Cisco•added 2012/05/16 7:28 p.m.•22 views

Cisco ASA 5500 Series Adaptive Security Appliance Cut-Through Proxy Authentication Information Disclosure Vulnerability

Cisco ASA 5500 Series Adaptive Security Appliance firmware contains a vulnerability that could allow an unauthenticated, remote attacker to access sensitive information on a targeted system. The vulnerability is due to improper proxy authentication during attempts to cut through a targeted system...

4.3CVSS6.6AI score0.02231EPSS

Exploits0References1

Cisco•added 2012/02/29 4:0 p.m.•22 views

Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS6AI score

Exploits0References1

Cisco•added 2011/11/02 4:0 p.m.•22 views

Cisco Small Business SRP500 Series Command Injection Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

9.3CVSS6.2AI score0.01802EPSS

Exploits0References1

Cisco•added 2011/09/28 4:0 p.m.•22 views

Cisco IOS Software IP Service Level Agreement Vulnerability

The Cisco IOS IP Service Level Agreement IP SLA feature contains a denial of service DoS vulnerability. The vulnerability is triggered when malformed UDP packets are sent to a vulnerable device. The vulnerable UDP port numbers depend on the device configuration. Default ports are not used for the...

7.8CVSS6.6AI score0.02564EPSS

Exploits0References1

Cisco•added 2011/06/01 4:0 p.m.•22 views

Multiple Vulnerabilities in Cisco Unified IP Phones 7900 Series

...

Exploits0References1

Cisco•added 2011/05/18 1:16 p.m.•22 views

Cisco Unified Operations Manager Common Services Device Center Cross-Site Scripting Vulnerability

Cisco Unified Operations Manager contains a cross-site scripting vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of user input supplied to the Common Services Device Center component used b...

4.3CVSS5.6AI score0.04654EPSS

Exploits6References1

Cisco•added 2009/09/23 4:0 p.m.•22 views

Cisco IOS Software H.323 Denial of Service Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS6.2AI score0.02945EPSS

Exploits0References1

Cisco•added 2008/10/08 4:0 p.m.•22 views

Authentication Bypass in Cisco Unity

A vulnerability exists in Cisco Unity that could allow an unauthenticated user to view or modify some of the configuration parameters of the Cisco Unity server. Cisco has released software updates that address this vulnerabilities. A workaround that mitigates this vulnerability is available. This...

5.8CVSS6.3AI score0.01703EPSS

Exploits1References1

Cisco•added 2008/08/14 10:30 p.m.•22 views

Vulnerability in Cisco WebEx Meeting Manager ActiveX Control

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

9.3CVSS5.9AI score0.65391EPSS

Exploits8References1

Cisco•added 2008/03/26 4:0 p.m.•22 views

Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.1CVSS6.3AI score0.01894EPSS

Exploits0References1

Cisco•added 2008/01/15 10:42 p.m.•22 views

Cisco VPN Client IPSec Driver Kernel Memory Corruption Vulnerability

Cisco VPN Client for Windows version 5.0.02.0090 contains a vulnerability that could allow a local attacker to cause the affected system to fail and restart, resulting in a denial of service DoS condition. This vulnerability exists due to invalid memory operations. An attacker could exploit this...

4.6CVSS7.4AI score0.01173EPSS

Exploits1References1

Cisco•added 2007/02/14 9:57 p.m.•22 views

Cisco PIX and ASA TCP Traffic Inspection Denial of Service Vulnerability

Cisco PIX 500 Series Security Appliances and Cisco ASA 5500 Series Adaptive Security Appliances ASA contain a vulnerability that could allow an unauthenticated, remote attacker to crash an affected device, causing a denial of service DoS condition. This vulnerability exists due to insufficient...

7.8CVSS6.9AI score0.02292EPSS

Exploits0References1

Cisco•added 2006/10/09 4:0 p.m.•22 views

Limitations in Cisco Secure Desktop

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Exploits0References1

Cisco•added 2006/04/05 3:0 p.m.•22 views

Cisco 11500 Content Services Switch HTTP Request Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

5CVSS6.3AI score0.01814EPSS

Exploits0References1

Cisco•added 2004/12/15 7:0 p.m.•22 views

Default Administrative Password in Cisco Guard and Traffic Anomaly Detector

...

Exploits0References1Affected Software2

Cisco•added 2004/06/30 4:0 p.m.•22 views

Cisco Collaboration Server Vulnerability

...

10CVSS2.1AI score0.02974EPSS

Exploits0References1Affected Software1

Cisco•added 2026/04/01 4:0 p.m.•21 views

Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability

A vulnerability in Cisco Smart Software Manager On-Prem SSM On-Prem could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected SSM On-Prem host. This vulnerability is due to the unintentional exposure of an internal service. An...

9.8CVSS6.2AI score0.00914EPSS

Exploits0References1

Cisco•added 2026/03/25 4:0 p.m.•21 views

Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability

A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because...

5.4CVSS5.9AI score0.00284EPSS

Exploits0References1

Cisco•added 2026/03/04 4:0 p.m.•21 views

Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java...

10CVSS6.4AI score0.27551EPSS

Exploits4References1

Cisco•added 2025/02/19 4:0 p.m.•21 views

Cisco Secure Email Gateway Email Filter Bypass Vulnerability

A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device. This vulnerability is due to improper handling of email...

5.8CVSS5.7AI score0.00333EPSS

Exploits0References1

Cisco•added 2024/11/06 4:0 p.m.•21 views

Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul URWB Access Points could allow an unauthenticated, remote attacker to perform command injection attacks with root privileges on the underlying operating...

10CVSS10AI score0.03146EPSS

Exploits0References1

Cisco•added 2024/08/21 4:0 p.m.•21 views

Cisco Unified Communications Manager Denial of Service Vulnerability

A vulnerability in the SIP call processing function of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected devic...

8.6CVSS8.5AI score0.00745EPSS

Exploits0References1

Cisco•added 2024/08/21 4:0 p.m.•21 views

Cisco Identity Services Engine REST API Blind SQL Injection Vulnerabilities

Multiple vulnerabilities in the REST API of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct blind SQL injection attacks. These vulnerabilities are due to insufficient validation of user-supplied input in REST API calls. An attacker could exploit these...

6.5CVSS7.8AI score0.00498EPSS

Exploits0References1

Cisco•added 2024/05/15 4:0 p.m.•21 views

Cisco Crosswork Network Services Orchestrator Open Redirect Vulnerability

A vulnerability in the web-based management interface of Cisco Crosswork Network Services Orchestrator NSO could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of a parameter in an HTTP request. An...

4.7CVSS5.5AI score0.00312EPSS

Exploits0References1

Cisco•added 2024/04/03 4:0 p.m.•21 views

Cisco Nexus Dashboard Privilege Escalation Vulnerability

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this...

6CVSS6.1AI score0.00168EPSS

Exploits0References1

Cisco•added 2024/04/03 4:0 p.m.•21 views

Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite TMS could allow a low-privileged, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based...

5.5CVSS5.3AI score0.0038EPSS

Exploits0References1

Cisco•added 2024/03/06 4:0 p.m.•21 views

Cisco Duo Authentication for Windows Logon and RDP Information Disclosure Vulnerability

A vulnerability in the logging component of Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of an unencrypted registry key in certain...

4.4CVSS4.7AI score0.00109EPSS

Exploits0References1

Cisco•added 2024/01/10 4:0 p.m.•21 views

Cisco BroadWorks Application Delivery Platform and Xtended Services Platform Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This...

4.8CVSS5.3AI score0.00355EPSS

Exploits0References1

Cisco•added 2023/08/30 4:0 p.m.•21 views

Cisco Unified Communications Products Privilege Escalation Vulnerability

A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to root on an affected...

6.5CVSS6.8AI score0.00364EPSS

Exploits0References1

Cisco•added 2023/08/16 4:0 p.m.•21 views

Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation by the operating system CLI. An attacker cou...

5.5CVSS5.5AI score0.00304EPSS

Exploits2References1

Cisco•added 2023/08/16 4:0 p.m.•21 views

Cisco Duo Device Health Application for Windows Arbitrary File Write Vulnerability

A vulnerability in the CryptoService function of Cisco Duo Device Health Application for Windows could allow an authenticated, local attacker with low privileges to conduct directory traversal attacks and overwrite arbitrary files on an affected system. This vulnerability is due to insufficient...

7.1CVSS7AI score0.00385EPSS

Exploits0References1

Cisco•added 2023/07/05 4:0 p.m.•21 views

Cisco Duo Authentication Proxy Information Disclosure Vulnerability

A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability exists because certain unencrypted credentials are stored. An attacker could exploit this...

4.9CVSS6.4AI score0.00356EPSS

Exploits0References1

Cisco•added 2023/07/05 4:0 p.m.•21 views

Cisco BroadWorks Privilege Escalation Vulnerability

A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted...

6CVSS6.2AI score0.00192EPSS

Exploits0References1

Cisco•added 2022/11/09 4:0 p.m.•21 views

Cisco Firepower Management Center Software Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to missing authorization for certain resources in the web-based management interface...

5.3CVSS5.2AI score0.00658EPSS

Exploits0References1

Total number of security vulnerabilities5000