Lucene search
K
CiscoMost viewed

5226 matches found

Cisco
Cisco
added 2025/11/05 4:0 p.m.17 views

Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability

A vulnerability in the RADIUS setting Reject RADIUS requests from clients with repeated failures on Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to cause Cisco ISE to restart unexpectedly. This vulnerability is due to a logic error when processing a RADIUS...

8.6CVSS6.8AI score0.00673EPSS
Exploits0References1
Cisco
Cisco
added 2025/06/25 4:0 p.m.17 views

Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an unauthenticated, remote attacker to issue commands on the underlying operating system as the root user. For more information about these vulnerabilities, see the Details...

10CVSS6.7AI score0.96732EPSS
Exploits12References1
Cisco
Cisco
added 2025/05/21 4:0 p.m.17 views

Cisco Webex Services Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in Cisco Webex could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. These vulnerabilities are due to improper filtering of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user to follow a...

6.1CVSS6.3AI score0.00257EPSS
Exploits0References1
Cisco
Cisco
added 2025/05/07 4:0 p.m.17 views

Cisco Catalyst SD-WAN Manager Arbitrary File Overwrite Vulnerability

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. To exploit this vulnerability, the attacker must have valid read-only credentials...

5.5CVSS5.7AI score0.0014EPSS
Exploits0References1
Cisco
Cisco
added 2025/05/07 4:0 p.m.17 views

Cisco IOS, IOS XE, and IOS XR Software TWAMP Denial of Service Vulnerability

A vulnerability in the Two-Way Active Measurement Protocol TWAMP server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service DoS condition. For Cisco IOS XR Software, this...

8.6CVSS8.5AI score0.00442EPSS
Exploits0References1
Cisco
Cisco
added 2025/05/07 4:0 p.m.17 views

Cisco IOS XE Software for WLC Wireless IPv6 Clients Denial of Service Vulnerability

A vulnerability in the Wireless Network Control daemon wncd of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent wireless attacker to cause a denial of service DoS condition. This vulnerability is due to improper memory management. An attacker could...

7.4CVSS7.7AI score0.00204EPSS
Exploits0References1
Cisco
Cisco
added 2025/05/07 4:0 p.m.17 views

Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IKEv2 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of servi...

8.6CVSS8.5AI score0.0048EPSS
Exploits0References1
Cisco
Cisco
added 2025/02/05 4:0 p.m.17 views

Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Vulnerabilities

Multiple vulnerabilities in Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an attacker to execute arbitrary commands locally or remotely. For more information about these vulnerabilities, see the Details...

6.5CVSS6.1AI score0.009EPSS
Exploits0References1
Cisco
Cisco
added 2024/11/06 4:0 p.m.17 views

Cisco Nexus 3550-F Switches Access Control List Programming Vulnerability

A vulnerability in the access control list ACL programming of Cisco Nexus 3550-F Switches could allow an unauthenticated, remote attacker to send traffic that should be blocked to the management interface of an affected device. This vulnerability exists because ACL deny rules are not properly...

5.3CVSS5.3AI score0.0045EPSS
Exploits0References1
Cisco
Cisco
added 2024/10/23 4:0 p.m.17 views

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Dynamic Access Policies Denial of Service Vulnerability

A vulnerability in the Dynamic Access Policies DAP feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker...

7.7CVSS7.4AI score0.00446EPSS
Exploits0References1
Cisco
Cisco
added 2024/10/23 4:0 p.m.17 views

Cisco Secure Firewall Management Center Software Cross-Site Scripting and Information Disclosure Vulnerabilities

Multiple vulnerabilities in Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an attacker to conduct cross-site scripting XSS attacks or access unauthorized information on an affected device. For more information about these...

5.4CVSS5.3AI score0.00441EPSS
Exploits0References1
Cisco
Cisco
added 2024/09/25 4:0 p.m.17 views

Cisco IOS XE Software HTTP Server Telephony Services Denial of Service Vulnerability

A vulnerability in the HTTP Server feature of Cisco IOS XE Software when the Telephony Service feature is enabled could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to a null pointer dereference when accessin...

8.6CVSS7.9AI score0.00866EPSS
Exploits0References1
Cisco
Cisco
added 2024/09/25 4:0 p.m.17 views

Cisco IOS Software on Cisco Industrial Ethernet Series Switches Access Control List Bypass Vulnerability

A vulnerability in the access control list ACL programming of Cisco IOS Software running on Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the incorrect handling of IPv4 ACLs o...

5.8CVSS5.8AI score0.00425EPSS
Exploits0References1
Cisco
Cisco
added 2024/09/11 4:0 p.m.17 views

Cisco IOS XR Software CLI Arbitrary File Read Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the...

5.5CVSS5.2AI score0.00139EPSS
Exploits0References1
Cisco
Cisco
added 2024/07/17 4:0 p.m.17 views

Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers Authenticated Remote Code Execution Vulnerability

A vulnerability in the upload module of Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient boundary checks when processing specific HTTP requests. An attacker...

6.5CVSS6.9AI score0.00857EPSS
Exploits0References1
Cisco
Cisco
added 2020/10/07 4:0 p.m.17 views

Cisco StarOS Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this...

4.4CVSS2.9AI score0.00361EPSS
Exploits0References1
Cisco
Cisco
added 2020/04/15 4:0 p.m.17 views

Cisco IoT Field Network Director Denial of Service Vulnerability

A vulnerability in the Constrained Application Protocol CoAP implementation of Cisco IoT Field Network Director could allow an unauthenticated remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient input validation of incoming Co...

7.5CVSS2.5AI score0.01665EPSS
Exploits0References1
Cisco
Cisco
added 2017/04/05 4:0 p.m.17 views

Cisco Aironet 1830 Series and 1850 Series Access Points Mobility Express Default Credential Vulnerability

A vulnerability in Cisco Aironet 1830 Series and Cisco Aironet 1850 Series Access Points running Cisco Mobility Express Software could allow an unauthenticated, remote attacker to take complete control of an affected device. The vulnerability is due to the existence of default credentials for an...

9.8CVSS9.6AI score0.04459EPSS
Exploits0References1
Cisco
Cisco
added 2016/09/21 4:0 p.m.17 views

Cisco Cloud Services Platform 2100 Remote Command Execution Vulnerability

A vulnerability in the web interface of Cisco Cloud Services Platform CSP 2100 could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient sanitization of specific values received as part of a user-supplied HTTP request...

7.5CVSS9.8AI score0.03687EPSS
Exploits0References1
Cisco
Cisco
added 2016/08/17 4:0 p.m.17 views

Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vulnerability

A vulnerability in the Grapevine update process of the Cisco Application Policy Infrastructure Controller Enterprise Module APIC-EM could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the root user. The vulnerabilit...

8.5CVSS9.1AI score0.02656EPSS
Exploits0References1
Cisco
Cisco
added 2015/06/15 3:6 p.m.17 views

Cisco Virtualization Experience Client 6215 Devices Command Injection Vulnerability

A vulnerability in the diagnostics portion of the administrative web interface of Cisco Virtualization Experience VXC Client 6215 devices could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with elevated privileges. The vulnerability is du...

6.8CVSS7.1AI score0.00582EPSS
Exploits0References1
Cisco
Cisco
added 2015/06/12 7:19 p.m.17 views

Cisco Email Security Appliance Anti-Spam Scanner Bypass Vulnerability

A vulnerability in the anti-spam scanner of the Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the anti-spam functionality of the ESA. The vulnerability is due to improper handling of a malformed packet in the anti-spam scanner. An attacker could...

5CVSS6.3AI score0.03491EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2015/03/19 3:59 p.m.17 views

Cisco IOS Software Autonomic Networking Infrastructure Overwrite Vulnerability

A vulnerability in the Autonomic Networking Infrastructure ANI feature of Cisco IOS software could allow an unauthenticated, remote attacker to overwrite some configuration values received via ANI. The vulnerability is due to insufficient validation of received Autonomic Networking AN messages. A...

5.8CVSS5.9AI score0.01746EPSS
Exploits0References1
Cisco
Cisco
added 2014/12/12 6:1 p.m.17 views

Cisco Prime Security Manager Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Prime Security Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface on the affected system. The vulnerability is due to insufficient input validation of several...

4.3CVSS5.5AI score0.00931EPSS
Exploits0References1
Cisco
Cisco
added 2014/09/15 10:19 p.m.17 views

Cisco IOS XR Software Information Disclosure Vulnerability

A vulnerability in the command-line interface CLI of Cisco IOS XR Software could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to insufficient data protection of sensitive information. An attacker could exploit this vulnerability by issuing...

4.9CVSS6.4AI score0.01082EPSS
Exploits0References1
Cisco
Cisco
added 2014/05/21 8:7 p.m.17 views

Cisco Security Manager Cross-Site Request Forgery Vulnerability

A vulnerability in the web framework of Cisco Security Manager could allow an unauthenticated, remote attacker to perform a cross-site request forgery CSRF attack against the web interface. The vulnerability is due to insufficient CSRF protections. An attacker could exploit this vulnerability by...

4.3CVSS6.5AI score0.01214EPSS
Exploits0References1
Cisco
Cisco
added 2014/02/28 5:29 p.m.17 views

Cisco Unified Communications Domain Manager Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface on the affected system. The vulnerability is due to insufficient input validation of...

4.3CVSS5.6AI score0.01158EPSS
Exploits1References1
Cisco
Cisco
added 2013/12/16 2:12 p.m.17 views

Cisco WebEx Sales Center Mobile Browser Open Redirect Vulnerability

A vulnerability in Cisco WebEx Sales Center could allow an unauthenticated, remote attacker to cause WebEx Sales Center to redirect mobile browsers to an attacker-supplied URL. The vulnerability is due to an open redirect issue in Cisco WebEx Sales Center. An attacker could exploit this...

4.3CVSS1.5AI score0.02117EPSS
Exploits1References1
Cisco
Cisco
added 2013/12/13 9:14 p.m.17 views

Cisco WebEx Business Suite Site Access Control Bypass Vulnerability

A vulnerability in the site access control implementation of Cisco WebEx Business Suite could allow an authenticated, remote attacker to inject content from the attacker-controlled WebEx site into another WebEx site. The vulnerability is due to insufficient validation of user-supplied input. An...

4.9CVSS2.3AI score0.01618EPSS
Exploits1References1
Cisco
Cisco
added 2013/12/13 6:58 p.m.17 views

Cisco WebEx Multiple Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in Cisco WebEx Business Suite could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. The vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by convincing a user ...

4.3CVSS0.8AI score0.01951EPSS
Exploits1References1
Cisco
Cisco
added 2013/09/09 1:47 p.m.17 views

Cisco Prime Network Control System Cross-Site Scripting Vulnerability

A vulnerability in the health monitor login page of Cisco Prime Network Control System NCS could allow an unauthenticated, remote attacker to conduct cross-site XSS scripting attacks. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by...

4.3CVSS2.2AI score0.01531EPSS
Exploits0References1
Cisco
Cisco
added 2013/03/04 9:24 p.m.17 views

Cisco MARS Information Disclosure Vulnerability

A vulnerability in the configuration of the XML parser of the Cisco Security Monitoring, Analysis and Response System MARS could allow an unauthenticated, remote attacker to have "read" access to part of information stored in the affected system. The vulnerability is due to improper handling of X...

4.3CVSS1AI score0.01161EPSS
Exploits0References1
Cisco
Cisco
added 2011/09/20 4:0 p.m.17 views

Cisco Identity Services Engine Database Default Credentials Vulnerability

...

2.9AI score
Exploits0References1
Cisco
Cisco
added 2011/08/30 4:0 p.m.17 views

Apache HTTPd Range Header Denial of Service Vulnerability

The Apache HTTPd server contains a denial of service vulnerability when it handles multiple, overlapping ranges. Multiple Cisco products may be affected by this vulnerability. Mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence...

0.6AI score
Exploits0References1
Cisco
Cisco
added 2011/06/01 4:0 p.m.17 views

Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client

...

1.9AI score
Exploits0References1
Cisco
Cisco
added 2011/02/23 4:0 p.m.17 views

Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability

...

3.1AI score
Exploits0References1
Cisco
Cisco
added 2010/04/29 6:32 p.m.17 views

Cisco Router and Security Device Manager Cross-Site Scripting Vulnerability

Cisco Router and Security Device Manager versions 2.5 and prior contain a vulnerability that could allow attackers to conduct cross-site scripting attacks. The vulnerability exists due to improper validation of parameters processed by the application. An unauthenticated, remote attacker could...

4.3CVSS6.3AI score0.00845EPSS
Exploits0References1
Cisco
Cisco
added 2007/08/15 4:0 p.m.17 views

Local Privilege Escalation Vulnerabilities in Cisco VPN Client

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

6.8CVSS6AI score0.00332EPSS
Exploits0References1
Cisco
Cisco
added 2007/05/23 4:43 p.m.17 views

Cisco CallManager Web Interface Input Validation Bypass Vulnerability

Cisco CallManager versions 4.31 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to bypass security restrictions and conduct cross-site scripting attacks. This vulnerability exists due to insufficient sanitization of user-supplied input to the CallManager web...

4.3CVSS6.4AI score0.06492EPSS
Exploits1References1
Cisco
Cisco
added 2007/01/10 4:0 p.m.17 views

Cisco Unified Contact Center and IP Contact Center JTapi Gateway Vulnerability

...

6.9AI score
Exploits0References1
Cisco
Cisco
added 2006/10/12 4:0 p.m.17 views

Default Password in Wireless Location Appliance

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7AI score
Exploits0References1
Cisco
Cisco
added 2006/09/20 6:13 p.m.17 views

Cisco Intrusion Prevention System Scanning Bypass Vulnerability

Cisco Intrusion Prevention System versions prior to 5.12 contain a vulnerability that could allow an unauthenticated, remote attacker to bypass security scanning. This vulnerability is due to a failure to properly handle fragmented packets. An unauthenticated, remote attacker can exploit this...

7.5CVSS6.5AI score0.04195EPSS
Exploits0References1
Cisco
Cisco
added 2006/05/24 4:0 p.m.17 views

Windows VPN Client Local Privilege Escalation Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7AI score
Exploits0References1
Cisco
Cisco
added 2006/04/19 3:0 p.m.17 views

Cisco IOS XR MPLS Vulnerabilities

...

2.3AI score
Exploits0References1
Cisco
Cisco
added 2005/04/12 4:0 p.m.17 views

Crafted ICMP Messages Can Cause Denial of Service

...

3.1AI score
Exploits0References1
Cisco
Cisco
added 2004/02/03 4:0 p.m.17 views

Cisco 6000/6500/7600 Crafted Layer 2 Frame Vulnerability

...

2.3AI score
Exploits0References1
Cisco
Cisco
added 2003/07/09 4:0 p.m.17 views

Denial-of-Service of TCP-based Services in CatOS

...

1.7AI score
Exploits0References1
Cisco
Cisco
added 2002/05/23 4:0 p.m.17 views

CBOS - Improving Resilience to Denial-of-Service Attacks

...

3.2AI score
Exploits0References1Affected Software1
Cisco
Cisco
added 2002/04/09 4:0 p.m.17 views

Aironet Telnet Vulnerability

...

5CVSS2AI score0.01657EPSS
Exploits0References1
Cisco
Cisco
added 2001/11/14 4:0 p.m.17 views

ICMP Unreachable Vulnerability in Cisco 12000 Series Internet Router

...

5CVSS3AI score0.01675EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities5000