Cisco IOS XR Software CLI Arbitrary File Read Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the...

Cisco Routed Passive Optical Network Controller Vulnerabilities

Multiple vulnerabilities in Cisco Routed Passive Optical Network PON Controller Software, which runs as a docker container on hardware that is supported by Cisco IOS XR Software, could allow an authenticated, remote attacker to perform command injection attacks, execute arbitrary commands on the...

Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers Authenticated Remote Code Execution Vulnerability

A vulnerability in the upload module of Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient boundary checks when processing specific HTTP requests. An attacker...

Cisco StarOS Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this...

Cisco IoT Field Network Director Denial of Service Vulnerability

A vulnerability in the Constrained Application Protocol CoAP implementation of Cisco IoT Field Network Director could allow an unauthenticated remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient input validation of incoming Co...

Cisco Aironet 1830 Series and 1850 Series Access Points Mobility Express Default Credential Vulnerability

A vulnerability in Cisco Aironet 1830 Series and Cisco Aironet 1850 Series Access Points running Cisco Mobility Express Software could allow an unauthenticated, remote attacker to take complete control of an affected device. The vulnerability is due to the existence of default credentials for an...

Cisco UCS Director Privilege Escalation Vulnerability

A vulnerability in the web-based GUI of Cisco UCS Director could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile. The vulnerability is due to improper role-based access control RBAC after the Developer Menu is enabled in Cisco UCS Director...

Cisco Cloud Services Platform 2100 Remote Command Execution Vulnerability

A vulnerability in the web interface of Cisco Cloud Services Platform CSP 2100 could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient sanitization of specific values received as part of a user-supplied HTTP request...

Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vulnerability

A vulnerability in the Grapevine update process of the Cisco Application Policy Infrastructure Controller Enterprise Module APIC-EM could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the root user. The vulnerabilit...

Cisco IOS Software Tunnel Interfaces Security Bypass Vulnerability

A vulnerability in Cisco devices running IOS Software versions 15.204M6 and 15.403S configured with access control lists ACLs could allow an unauthenticated, remote user connected to a tunnel interface to bypass configured ACLs on tunnel interfaces if the ACL on the physical interface permits the...

Cisco Virtualization Experience Client 6215 Devices Command Injection Vulnerability

A vulnerability in the diagnostics portion of the administrative web interface of Cisco Virtualization Experience VXC Client 6215 devices could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with elevated privileges. The vulnerability is du...

Cisco Email Security Appliance Anti-Spam Scanner Bypass Vulnerability

A vulnerability in the anti-spam scanner of the Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the anti-spam functionality of the ESA. The vulnerability is due to improper handling of a malformed packet in the anti-spam scanner. An attacker could...

Cisco Prime Security Manager Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Prime Security Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface on the affected system. The vulnerability is due to insufficient input validation of several...

Cisco IOS XR Software Information Disclosure Vulnerability

A vulnerability in the command-line interface CLI of Cisco IOS XR Software could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to insufficient data protection of sensitive information. An attacker could exploit this vulnerability by issuing...

Cisco Security Manager Cross-Site Request Forgery Vulnerability

A vulnerability in the web framework of Cisco Security Manager could allow an unauthenticated, remote attacker to perform a cross-site request forgery CSRF attack against the web interface. The vulnerability is due to insufficient CSRF protections. An attacker could exploit this vulnerability by...

Cisco Unified Communications Domain Manager Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface on the affected system. The vulnerability is due to insufficient input validation of...

Cisco WebEx Sales Center Mobile Browser Open Redirect Vulnerability

A vulnerability in Cisco WebEx Sales Center could allow an unauthenticated, remote attacker to cause WebEx Sales Center to redirect mobile browsers to an attacker-supplied URL. The vulnerability is due to an open redirect issue in Cisco WebEx Sales Center. An attacker could exploit this...

Cisco WebEx Business Suite Site Access Control Bypass Vulnerability

A vulnerability in the site access control implementation of Cisco WebEx Business Suite could allow an authenticated, remote attacker to inject content from the attacker-controlled WebEx site into another WebEx site. The vulnerability is due to insufficient validation of user-supplied input. An...

Cisco WebEx Training Center Bypass Email Verification to Join Audio Conference Vulnerability

A vulnerability in the training center registration page of Cisco WebEx Training Center could allow an unauthenticated, remote attacker to attend the audio conference for a training session without having to confirm the email address. The vulnerability is due to the disclosure of the training...

Cisco WebEx Multiple Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in Cisco WebEx Business Suite could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. The vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by convincing a user ...

Cisco MARS Information Disclosure Vulnerability

A vulnerability in the configuration of the XML parser of the Cisco Security Monitoring, Analysis and Response System MARS could allow an unauthenticated, remote attacker to have "read" access to part of information stored in the affected system. The vulnerability is due to improper handling of X...

Cisco Identity Services Engine Database Default Credentials Vulnerability

...

Apache HTTPd Range Header Denial of Service Vulnerability

The Apache HTTPd server contains a denial of service vulnerability when it handles multiple, overlapping ranges. Multiple Cisco products may be affected by this vulnerability. Mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence...

Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability

...

Cisco Router and Security Device Manager Cross-Site Scripting Vulnerability

Cisco Router and Security Device Manager versions 2.5 and prior contain a vulnerability that could allow attackers to conduct cross-site scripting attacks. The vulnerability exists due to improper validation of parameters processed by the application. An unauthenticated, remote attacker could...

Cisco CallManager Web Interface Input Validation Bypass Vulnerability

Cisco CallManager versions 4.31 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to bypass security restrictions and conduct cross-site scripting attacks. This vulnerability exists due to insufficient sanitization of user-supplied input to the CallManager web...

Cisco Unified Contact Center and IP Contact Center JTapi Gateway Vulnerability

...

Default Password in Wireless Location Appliance

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cisco Intrusion Prevention System Scanning Bypass Vulnerability

Cisco Intrusion Prevention System versions prior to 5.12 contain a vulnerability that could allow an unauthenticated, remote attacker to bypass security scanning. This vulnerability is due to a failure to properly handle fragmented packets. An unauthenticated, remote attacker can exploit this...

Windows VPN Client Local Privilege Escalation Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Cisco IOS XR MPLS Vulnerabilities

...

Crafted ICMP Messages Can Cause Denial of Service

...

Cisco 6000/6500/7600 Crafted Layer 2 Frame Vulnerability

...

Denial-of-Service of TCP-based Services in CatOS

...

CBOS - Improving Resilience to Denial-of-Service Attacks

...

Aironet Telnet Vulnerability

...

ICMP Unreachable Vulnerability in Cisco 12000 Series Internet Router

...

More Multiple Vulnerabilities in CBOS

...

Cisco 7xx TCP and HTTP Vulnerabilities

...

Cisco IOS Syslog Crash

...

Cisco Web Cache Control Protocol Router Vulnerability

...

Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability

A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient validation of the metadata update file. An attacker could exploit this...

Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller IMC could allow a remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. For more information about these vulnerabilities, see the Details "details"...

Cisco IOS XE Software HTTP API Command Injection Vulnerability

A vulnerability in the HTTP API subsystem of Cisco IOS XE Software could allow a remote attacker to inject commands that will execute with root privileges into the underlying operating system. This vulnerability is due to insufficient input validation. An attacker with administrative privileges...

Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an unauthenticated, remote attacker to issue commands on the underlying operating system as the root user. For more information about these vulnerabilities, see the Details...

Cisco Identity Services Engine Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to either bypass the authorization mechanisms or conduct a cross-site scripting XSS attack. For more information about these vulnerabilities, see the Details "details" section of this...

Cisco Firepower Threat Defense Software and Cisco FirePOWER Services TCP/IP Traffic with Snort 2 and Snort 3 Denial of Service Vulnerability

A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense FTD Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service DoS...

Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vulnerability

A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense FTD Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an issue that occurs when TLS...

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Remote Access VPN Denial of Service Vulnerability

A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service DoS condition on an...

Cisco ATA 190 Series Analog Telephone Adapter Firmware Vulnerabilities

Multiple vulnerabilities in Cisco ATA 190 Series Analog Telephone Adapter firmware, both on-premises and multiplatform, could allow a remote attacker to delete or change the configuration, execute commands as the root user, conduct a cross-site scripting XSS attack against a user of the interface...