Cisco Expressway Series Privilege Escalation Vulnerability

A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have Administrator-level...

Cisco Catalyst Center Static SSH Host Key Vulnerability

A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability...

Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based...

Cisco IOS XR Software UDP Packet Memory Exhaustion Vulnerability

A vulnerability in the multicast traceroute version 2 Mtrace2 feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 code does not properly handle packet memory. An...

Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI...

Cisco NX-OS Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments for a specific CLI command. An...

Cisco Application Policy Infrastructure Controller Unauthorized Policy Actions Vulnerability

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to modify the behavior of default system policies, such as quality of service QoS policies, on an affected system. This...

Cisco Expressway Series Open Redirect Vulnerability

A vulnerability in the web-based management interface of Cisco Expressway Series could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this...

Cisco IOS XR Software Secure Boot Bypass Vulnerability

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Cisco Secure Boot functionality and load unverified software on an affected device. To exploit this successfully, the attacker must have root-system...

Cisco Prime Access Registrar Appliance Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Access Registrar Appliance could allow an authenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. The attacker would require valid credentials for the device. This vulnerability i...

Cisco Webex Meetings Reflected Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to insufficient...

Cisco Smart Software Manager On-Prem Static Default Credential Vulnerability

A vulnerability in the High Availability HA service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password...

Cisco TelePresence Multipoint Control Unit Remote Code Execution Vulnerability

A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit MCU Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service DoS condition. The vulnerability is due to improper size validation when...

Cisco IOS Software Autonomic Networking Infrastructure Overwrite Vulnerability

A vulnerability in the Autonomic Networking Infrastructure ANI feature of Cisco IOS software could allow an unauthenticated, remote attacker to overwrite some configuration values received via ANI. The vulnerability is due to insufficient validation of received Autonomic Networking AN messages. A...

Cisco Security Manager Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface. The vulnerability is due to insufficient input validation of a parameter. An attacker could exploit this...

Cisco Prime Security Manager Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Prime Security Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface on the affected system. The vulnerability is due to insufficient input validation of several...

Cisco Prime LAN Management Solution Cross-Frame Scripting Vulnerability

A vulnerability in Cisco Prime LAN Management Solution could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. The vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability by directing a user to an...

Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue

The Cisco Product Security Incident Response Team PSIRT would like to notify customers of an issue that may impact their network security posture when upgrading the Cisco Nexus 1000V Series Switches to Software Release 4.21SV15.2 with deployments that have Cisco Virtual Security Gateway VSG...

Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability

...

Cisco Security Manager Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Local Privilege Escalation Vulnerabilities in Cisco VPN Client

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Buffer Overrun in Microsoft Windows 2000 Workstation Service (MS03-049)

...

Cisco FWSM Vulnerabilities

...

Microsoft SQL Server 2000 Vulnerabilities in Cisco Products - MS02-061

...

MS SQL Worm Mitigation Recommendations

...

Cisco ONS15454 and Cisco ONS15327 Vulnerabilities

...

Predefined Restriction Tables Allow Calls to International Operator

...

Cisco VPN Client Multiple Vulnerabilities - Second Set

...

Multiple Vulnerabilities in Cisco SN 5420 Storage Routers

...

CBOS Web-based Configuration Utility Vulnerability

...

Multiple SSH Vulnerabilities

...

VPN3000 Concentrator TELNET Vulnerability

...

Possible Access Control Bypass and Denial of Service in Gigabit Switch Routers Using Gigabit Ethernet or Fast Ethernet Cards

...

Cisco CHAP Authentication Vulnerabilities

...

Cisco Prime Infrastructure Information Disclosure Vulnerability

A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to download arbitrary log files from the server. This vulnerability is due to insufficient authorization checks on the download service API. An attacker could exploit...

Cisco SG350 and SG350X Series Managed Switches SNMP Denial of Service Vulnerability

A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco 350 Series Managed Switches SG350 and Cisco 350X Series Stackable Managed Switches SG350X firmware could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This...

Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to achieve remote code execution or conduct path traversal attacks on an affected device. To exploit these vulnerabilities, the attacker mu...

Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. Th...

Cisco IOS and IOS XE Software TACACS+ Authentication Bypass Vulnerability

A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data or bypass authentication. This vulnerability exists because the system does not properly check whether the required...

Cisco Identity Services Engine RADIUS Denial of Service Vulnerability

A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of certain RADIUS requests. An attacker...

Cisco IOS XE Software Web-Based Management Interface Command Injection Vulnerability

A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user account to perform a command injection attack against an affected device. This vulnerability is due to...

Cisco IOS XE Software Model-Driven Programmability Authorization Bypass Vulnerability

A vulnerability in the Network Configuration Access Control Module NACM of Cisco IOS XE Software could allow an authenticated, remote attacker to obtain unauthorized read access to configuration or operational data. This vulnerability exists because a subtle change in inner API call behavior caus...

Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability

A vulnerability in the implementation of the Simple Network Management Protocol Version 3 SNMPv3 feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from ...

Cisco IOS XR Software Image Verification Bypass Vulnerability

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the...

Cisco Expressway Series Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Expressway Series could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly...

Cisco Secure Web Appliance Range Request Bypass Vulnerability

A vulnerability in a policy-based Cisco Application Visibility and Control AVC implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint. The vulnerability i...

Cisco Crosswork Network Controller Stored Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against users of the interface of an affected system. These vulnerabilities exist because the web-based...

Cisco Common Services Platform Collector Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. These vulnerabilities are due to insufficient validation of...

Cisco Unified Contact Center Management Portal Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal Unified CCMP could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability exists...

Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface...