Cisco - Page 89 of Cisco Most Viewed Vulnerabilities List | Vulners.com

CiscoMost viewed

Recent Most viewed

5223 matches found

Cisco•added 2013/04/29 8:28 p.m.•21 views

Cisco IPS SensorApp Regex Processing Denial of Service Vulnerability

Cisco Intrusion Prevention System IPS SensorApp contains a vulnerability that could allow a local attacker to cause a denial of service DoS condition. The vulnerability is due to a job failure in the Regex hardware when processing the control transaction getENGVirtualSensorStatistics. A local...

4.4CVSS1AI score0.00247EPSS

Exploits0References1

Cisco•added 2013/03/19 2:50 p.m.•21 views

Cisco Jabber IM for Android Denial of Service Vulnerability

A vulnerability in the XML parser of Cisco Jabber IM for Android could allow an authenticated, remote attacker to prevent the client to connect, causing a denial of service condition. The vulnerability is due to insufficient validation of crafted Extensible Messaging and Presence Protocol XMPP...

6.3CVSS2.5AI score0.00933EPSS

Exploits0References1

Cisco•added 2013/03/06 6:23 p.m.•21 views

Cisco Small Business Switches SSH Packet Processing Denial of Service Vulnerability

Cisco Small Business Switches contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition to features that rely on SSH or SSL protocols. The vulnerability is due to the processing flaw in malformed packets in the code used by SSH and SSL...

5CVSS0.8AI score0.01553EPSS

Exploits0References1

Cisco•added 2013/01/23 4:0 p.m.•21 views

Multiple Vulnerabilities in Cisco Wireless LAN Controllers

The Cisco Wireless LAN Controller Cisco WLC product family is affected by the following four vulnerabilities: Cisco Wireless LAN Controllers Wireless Intrusion Prevention System wIPS Denial of Service Vulnerability Cisco Wireless LAN Controllers Session Initiation Protocol Denial of Service...

9CVSS7.1AI score0.01819EPSS

Exploits0References1

Cisco•added 2013/01/22 9:3 p.m.•21 views

Cisco TelePresence Video Communication Server Policy Services Security Bypass Vulnerability

Cisco TelePresence Video Communication Server VCS contains a vulnerability that could allow an unauthenticated, remote attacker to bypass security restrictions on a targeted system. The vulnerability is due to improper processing of certain search rules processed by the affected software. An...

5CVSS2.3AI score0.01046EPSS

Exploits0References1

Cisco•added 2012/05/16 7:28 p.m.•21 views

Cisco ASA 5500 Series Adaptive Security Appliance Cut-Through Proxy Authentication Information Disclosure Vulnerability

Cisco ASA 5500 Series Adaptive Security Appliance firmware contains a vulnerability that could allow an unauthenticated, remote attacker to access sensitive information on a targeted system. The vulnerability is due to improper proxy authentication during attempts to cut through a targeted system...

4.3CVSS6.6AI score0.02231EPSS

Exploits0References1

Cisco•added 2012/05/11 1:48 p.m.•21 views

Cisco Unified MeetingPlace Directory Enumeration Information Disclosure Vulnerability

Cisco Unified MeetingPlace software contains a vulnerability that could allow an unauthenticated, remote attacker to access sensitive information on a targeted system. The vulnerability is due to an unspecified error in the affected software that could allow an attacker to enumerate existing...

5CVSS6.2AI score0.01173EPSS

Exploits0References1

Cisco•added 2012/04/12 4:1 p.m.•21 views

Cisco IronPort Web Security Appliance basicConstraints Parameter Processing Man-in-the-Middle Vulnerability

Cisco IronPort Web Security Appliance WSA software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct man-in-the-middle attacks against a targeted system. The vulnerability is in the insecure SSL implementation of the affected operating system due to improper...

4.3CVSS7.4AI score0.00657EPSS

Exploits0References1

Cisco•added 2012/02/29 4:23 p.m.•21 views

Cisco Unified Communications Manager Device Registration SQL Injection Vulnerability

Cisco Unified Communications Manager contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands in a database underlying the affected application. The vulnerability is due to improper sanitization of input in device registration requests. An...

5.8CVSS7.4AI score0.01047EPSS

Exploits0References1

Cisco•added 2011/09/28 4:0 p.m.•21 views

Cisco IOS Software IP Service Level Agreement Vulnerability

The Cisco IOS IP Service Level Agreement IP SLA feature contains a denial of service DoS vulnerability. The vulnerability is triggered when malformed UDP packets are sent to a vulnerable device. The vulnerable UDP port numbers depend on the device configuration. Default ports are not used for the...

7.8CVSS6.6AI score0.02564EPSS

Exploits0References1

Cisco•added 2011/06/01 4:0 p.m.•21 views

Multiple Vulnerabilities in Cisco Unified IP Phones 7900 Series

...

Exploits0References1

Cisco•added 2010/01/20 4:0 p.m.•21 views

CiscoWorks Internetwork Performance Monitor CORBA GIOP Overflow Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

10CVSS6.1AI score0.08479EPSS

Exploits0References1

Cisco•added 2008/10/08 4:0 p.m.•21 views

Authentication Bypass in Cisco Unity

A vulnerability exists in Cisco Unity that could allow an unauthenticated user to view or modify some of the configuration parameters of the Cisco Unity server. Cisco has released software updates that address this vulnerabilities. A workaround that mitigates this vulnerability is available. This...

5.8CVSS6.3AI score0.01703EPSS

Exploits1References1

Cisco•added 2008/08/14 10:30 p.m.•21 views

Vulnerability in Cisco WebEx Meeting Manager ActiveX Control

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

9.3CVSS5.9AI score0.65391EPSS

Exploits8References1

Cisco•added 2008/05/14 4:0 p.m.•21 views

Cisco Unified Communications Manager Denial of Service Vulnerabilities

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS5.9AI score0.01916EPSS

Exploits1References1

Cisco•added 2008/01/15 10:42 p.m.•21 views

Cisco VPN Client IPSec Driver Kernel Memory Corruption Vulnerability

Cisco VPN Client for Windows version 5.0.02.0090 contains a vulnerability that could allow a local attacker to cause the affected system to fail and restart, resulting in a denial of service DoS condition. This vulnerability exists due to invalid memory operations. An attacker could exploit this...

4.6CVSS7.4AI score0.01173EPSS

Exploits1References1

Cisco•added 2007/11/07 2:56 p.m.•21 views

Cisco Unified MeetingPlace Login Screen Cross-Site Scripting Vulnerability

Cisco Unified MeetingPlace versions 5.3.235.0 and prior, 5.4, and 6.0 contain a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. This vulnerability is due to insufficient filtering of parameters passed to the Login form of Cisco Unified...

4.3CVSS6.6AI score0.01223EPSS

Exploits1References1

Cisco•added 2006/10/09 4:0 p.m.•21 views

Limitations in Cisco Secure Desktop

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Exploits0References1

Cisco•added 2006/07/12 4:0 p.m.•21 views

Cisco Router Web Setup Ships with Insecure Default IOS Configuration

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.5CVSS6.3AI score0.0421EPSS

Exploits0References1

Cisco•added 2006/04/05 3:0 p.m.•21 views

Cisco 11500 Content Services Switch HTTP Request Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

5CVSS6.3AI score0.01814EPSS

Exploits0References1

Cisco•added 2004/12/15 7:0 p.m.•21 views

Default Administrative Password in Cisco Guard and Traffic Anomaly Detector

...

Exploits0References1Affected Software2

Cisco•added 2004/04/08 4:0 p.m.•21 views

Cisco IPSec Malformed IKE Packet Vulnerability

...

5CVSS1.9AI score0.02008EPSS

Exploits0References1

Cisco•added 1998/01/22 12:0 a.m.•21 views

Cisco IOS 11.3(1.2) and 11.3(1.2)T AAA Failure

...

Exploits0References1

Cisco•added 2026/04/23 3:0 p.m.•20 views

Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense

On April 23, 2026, the U.S. Cybersecurity and Infrastructure Security Agency CISA issued an update to V1: Emergency Directive ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices...

9.9CVSS9AI score0.83681EPSS

Exploits1References1

Cisco•added 2026/03/25 4:0 p.m.•20 views

Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability

A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because...

5.4CVSS5.9AI score0.00284EPSS

Exploits0References1

Cisco•added 2025/05/07 4:0 p.m.•20 views

Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of the root user on the underlying operating system. This vulnerability is due to insufficient input validation. An authenticated attacker wi...

7.8CVSS7.8AI score0.00131EPSS

Exploits0References1

Cisco•added 2025/01/22 4:0 p.m.•20 views

Cisco Meeting Management REST API Privilege Escalation Vulnerability

A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device. This vulnerability exists because proper authorization is not enforced upon REST API users. An attacker could...

9.9CVSS9.6AI score0.01153EPSS

Exploits0References1

Cisco•added 2024/10/23 4:0 p.m.•20 views

Cisco Firepower Threat Defense Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vulnerability

A vulnerability in Cisco Firepower Threat Defense FTD Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded...

9.3CVSS8.9AI score0.00206EPSS

Exploits0References1

Cisco•added 2024/10/02 4:0 p.m.•20 views

Cisco Nexus Dashboard Fabric Controller REST API Command Injection Vulnerability

A vulnerability in Cisco Nexus Dashboard Fabric Controller NDFC, formerly Cisco Data Center Network Manager DCNM, could allow an authenticated, remote attacker with network-admin privileges to perform a command injection attack against an affected device. This vulnerability is due to insufficient...

5.5CVSS5.9AI score0.0076EPSS

Exploits0References1

Cisco•added 2024/10/02 4:0 p.m.•20 views

Cisco UCS B-Series, Managed C-Series, and X-Series Servers Redfish API Command Injection Vulnerability

A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS X-Series Servers could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This...

6.5CVSS7.1AI score0.00878EPSS

Exploits0References1

Cisco•added 2024/09/25 4:0 p.m.•20 views

Cisco IOS XE Software IPv4 Fragmentation Reassembly Denial of Service Vulnerability

A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper management of resources during fragment...

8.6CVSS8.6AI score0.00987EPSS

Exploits0References1

Cisco•added 2024/09/04 4:0 p.m.•20 views

Cisco Duo Epic for Hyperdrive Information Disclosure Vulnerability

A vulnerability in Cisco Duo Epic for Hyperdrive could allow an authenticated, local attacker to view sensitive information in cleartext on an affected system. This vulnerability is due to improper storage of an unencrypted registry key. A low-privileged attacker could exploit this vulnerability ...

5.5CVSS5.2AI score0.00108EPSS

Exploits0References1

Cisco•added 2024/09/04 4:0 p.m.•20 views

Cisco Expressway Edge Improper Authorization Vulnerability

A vulnerability in Cisco Expressway Edge Expressway-E could allow an authenticated, remote attacker to masquerade as another user on an affected system. This vulnerability is due to inadequate authorization checks for Mobile and Remote Access MRA users. An attacker could exploit this vulnerabilit...

4.3CVSS4.6AI score0.00322EPSS

Exploits0References1

Cisco•added 2024/08/28 4:0 p.m.•20 views

Cisco Application Policy Infrastructure Controller Privilege Escalation Vulnerability

A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller APIC and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leadi...

6.5CVSS6.9AI score0.0074EPSS

Exploits0References1

Cisco•added 2024/08/21 4:0 p.m.•20 views

Cisco Identity Services Engine REST API Blind SQL Injection Vulnerabilities

Multiple vulnerabilities in the REST API of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct blind SQL injection attacks. These vulnerabilities are due to insufficient validation of user-supplied input in REST API calls. An attacker could exploit these...

6.5CVSS7.8AI score0.00498EPSS

Exploits0References1

Cisco•added 2024/05/15 4:0 p.m.•20 views

Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Secure Email Gateway, formerly Email Security Appliance ESA; and Secure Web Appliance could allow a remote attacker to conduct a cross-site scripting XSS attack against...

6.1CVSS5.3AI score0.00351EPSS

Exploits0References1

Cisco•added 2023/08/16 4:0 p.m.•20 views

Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability

A vulnerability in the remote support feature of Cisco Umbrella Virtual Appliance could allow an authenticated, remote attacker to obtain full control of an affected device. This vulnerability is due to an undocumented support mechanism that is present on the product. An attacker could exploit th...

6.4CVSS6.4AI score0.00372EPSS

Exploits1References1

Cisco•added 2023/08/16 4:0 p.m.•20 views

Cisco Duo Device Health Application for Windows Arbitrary File Write Vulnerability

A vulnerability in the CryptoService function of Cisco Duo Device Health Application for Windows could allow an authenticated, local attacker with low privileges to conduct directory traversal attacks and overwrite arbitrary files on an affected system. This vulnerability is due to insufficient...

7.1CVSS7AI score0.00385EPSS

Exploits0References1

Cisco•added 2023/07/05 4:0 p.m.•20 views

Cisco Duo Authentication Proxy Information Disclosure Vulnerability

A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability exists because certain unencrypted credentials are stored. An attacker could exploit this...

4.9CVSS6.4AI score0.00356EPSS

Exploits0References1

Cisco•added 2023/05/17 4:0 p.m.•20 views

Cisco Business Wireless Access Points Social Login Guest User Authentication Bypass Vulnerability

A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points APs could allow an unauthenticated, adjacent attacker to bypass social login authentication. This vulnerability is due to a logic error with the social login implementation. An...

4.7CVSS6.5AI score0.00336EPSS

Exploits0References1

Cisco•added 2022/01/19 4:0 p.m.•20 views

Cisco Webex Meetings Cross-Site Scripting Vulnerability

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based...

6.1CVSS6AI score0.00572EPSS

Exploits0References1

Cisco•added 2020/11/04 4:0 p.m.•20 views

Cisco SD-WAN vManage Software Path Traversal Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP...

6.5CVSS6.3AI score0.01705EPSS

Exploits0References1

Cisco•added 2020/11/04 4:0 p.m.•20 views

Cisco SD-WAN vManage Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability exists because the web-based management interface does not...

4.3CVSS4.6AI score0.00715EPSS

Exploits0References1

Cisco•added 2020/10/21 4:0 p.m.•20 views

Cisco Firepower 4110 ICMP Flood Denial of Service Vulnerability

A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense FTD Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to incomplete input...

8.6CVSS8.6AI score0.01357EPSS

Exploits0References1

Cisco•added 2020/09/24 4:0 p.m.•20 views

Cisco IOS XE Software Arbitrary File Overwrite Vulnerability

A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. The vulnerability is due to insufficient validation of the parameters of a specific CLI command. A...

4.4CVSS5.3AI score0.00266EPSS

Exploits0References1

Cisco•added 2020/08/19 4:0 p.m.•20 views

Cisco Data Center Network Manager Information Disclosure Vulnerability

A vulnerability in Cisco Data Center Network Manager DCNM Software could allow an authenticated, local attacker to obtain confidential information from an affected device. The vulnerability is due to insufficient protection of confidential information on an affected device. An attacker at any...

5.5CVSS2.7AI score0.00287EPSS

Exploits0References1

Cisco•added 2020/08/19 4:0 p.m.•20 views

Cisco Connected Mobile Experiences Privilege Escalation Vulnerability

A vulnerability in Cisco Connected Mobile Experiences CMX could allow an authenticated, local attacker with administrative credentials to execute arbitrary commands with root privileges. The vulnerability is due to improper user permissions that are configured by default on an affected system. An...

6.7CVSS3.5AI score0.00386EPSS

Exploits0References1

Cisco•added 2020/08/19 4:0 p.m.•20 views

Cisco Data Center Network Manager Authorization Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to bypass authorization on an affected device and access sensitive information that is related to the device. The vulnerability exists because the...

6.3CVSS2.6AI score0.00805EPSS

Exploits0References1

Cisco•added 2020/08/19 4:0 p.m.•20 views

Cisco Data Center Network Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability is due to insufficient input validation by the...

5.9CVSS1.5AI score0.00622EPSS

Exploits0References1

Cisco•added 2020/08/05 4:0 p.m.•20 views

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

A vulnerability in the web UI of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. The...

6.1CVSS1.5AI score0.00833EPSS

Exploits0References1

Total number of security vulnerabilities5000