5224 matches found
SSL/TLS Certificate and SSH Public Key Validation Vulnerability
...
Cisco Unified Contact Center and IP Contact Center JTapi Gateway Denial of Service Vulnerability
Cisco Unified Contact Center and Cisco IP Contact Center versions 5.0, 6.0, 7.0, and 7.1 contain a vulnerability that could allow an unauthenticated, remote attacker to create a denial of service DoS condition. The vulnerability is due to insufficient handling of unexpected connections. An...
Cisco Unified Contact Center and IP Contact Center JTapi Gateway Vulnerability
...
DLSw Vulnerability
A vulnerability exists in the Data-link Switching DLSw feature in Cisco IOS where an invalid value in a DLSw message could result in a reload of the DLSw device. Successful exploitation of this vulnerability requires that an attacker be able to establish a DLSw connection to the device. There are...
Cisco Secure Access Control Server Access-Request Handling Denial of Service Vulnerability
Cisco Secure Access Control Server for Windows and Cisco Secure Access Control Server Solution Engine contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability exists due to insufficient handling of malformed RADIUS...
Cisco Secure Access Control Server Accounting-Request Buffer Overflow Vulnerability
Cisco Secure Access Control Server for Windows and Cisco Secure Access Control Server Solution Engine contain a vulnerability that could allow an authenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code. The vulnerability exists due to insufficient input...
Multiple Vulnerabilities in Cisco Secure Access Control Server
...
Multiple Vulnerabilities in Cisco Clean Access
...
Multiple Vulnerabilities in Cisco Secure Desktop
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco Security Agent Management Center LDAP Administrator Authentication Bypass
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco Security Agent for Linux Port Scan Denial of Service
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Default Password in Wireless Location Appliance
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Limitations in Cisco Secure Desktop
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco Intrusion Prevention System Scanning Bypass Vulnerability
Cisco Intrusion Prevention System versions prior to 5.12 contain a vulnerability that could allow an unauthenticated, remote attacker to bypass security scanning. This vulnerability is due to a failure to properly handle fragmented packets. An unauthenticated, remote attacker can exploit this...
Cisco Guard Enables Cross Site Scripting
A vulnerability in the Cisco Guard may enable an attacker to send a web browser client to a malicious website with the use of Cross Site Scripting XSS when the Guard is providing anti-spoofing services between the web browser client and a webserver. The attacker may exploit this by providing a...
Cisco Intrusion Prevention System Management Interface Denial of Service and Fragmented Packet Evasion Vulnerabilities
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
DOCSIS Read-Write Community String Enabled in Non-DOCSIS Platforms
A vulnerability exists in certain Cisco IOS ® software release trains running on the Cisco IAD2400 series, 1900 Series Mobile Wireless Edge Routers and Cisco VG224 Analog Phone Gateways. Vulnerable versions may contain a default hard-coded Simple Network Management Protocol SNMP community string...
Cisco IOS VTP Malformed Version Denial of Service Vulnerability
Cisco IOS contains a vulnerability in the VLAN Trunking Protocol VTP that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability exists because the VTP feature in several versions of Cisco IOS software does not properly handle malformed packe...
Cisco IOS VTP Integer Wrap Denial of Service Vulnerability
Cisco IOS and Cisco Catalyst OS contain an integer overflow vulnerability that could allow an authenticated, remote attacker to cause affected devices to stop processing configuration changes, possibly resulting in a denial of service DoS condition. This vulnerability exists due to an integer...
Cisco IOS VTP VLAN Buffer Overflow Vulnerability
Cisco IOS contains a vulnerability that could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability exists due to improper input validation by the VTP feature of Cisco IOS. An authenticated, remote attacker could exploit this vulnerability by submitting a malicious...
OpenSSL RSA Signature Forgery Vulnerability
OpenSSL versions 0.9.7j and prior and 0.9.8b and prior contain a vulnerability that could allow an unauthenticated, remote attacker to successfully pass a forged X.509 certificate. The vulnerability could allow an unauthenticated, remote attacker to pass a forged Public-Key Cryptography Standards...
Unintentional Password Modification Vulnerability in Cisco Firewall Products
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco VPN 3000 Concentrator FTP Management Vulnerabilities
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Internet Key Exchange Protocol Version 1 Denial of Service Vulnerability
Multiple products contain a vulnerability in the implementation of the Internet Key Exchange IKE version 1 protocol. IKE is typically used for key exchange in IPSec, and IPSec is commonly used to encrypt data for VPN connections. The vulnerability affects IKE Phase 1 negotiations in both Main Mod...
Multiple Vulnerabilities in Cisco Security Monitoring, Analysis and Response System (CS-MARS)
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco Router Web Setup Ships with Insecure Default IOS Configuration
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco Intrusion Prevention System Malformed Packet Denial of Service
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Multiple Cisco Unified CallManager Vulnerabilities
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Access Point Web-browser Interface Vulnerability
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Multiple Vulnerabilities in Wireless Control System
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco CallManager Administration and User Options Web Interfaces Cross-Site Scripting Vulnerability
Cisco CallManager versions prior to 4.31, 4.23, 4.13SR4 and 3.35SR3 contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary script in the user's browser session. The vulnerability exists due to improper input sanitization in the CallManager Administration...
Windows VPN Client Local Privilege Escalation Vulnerability
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
AVS TCP Relay Vulnerability
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco Unity Express Expired Password Reset Privilege Escalation
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco IOS XR MPLS Vulnerabilities
...
Multiple Vulnerabilities in the WLSE Appliance
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco 11500 Content Services Switch HTTP Request Vulnerability
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco Optical Networking System 15000 Series and Cisco Transport Controller Vulnerabilities
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
TACACS+ Authentication Bypass in Cisco Anomaly Detection and Mitigation Products
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack
...
Cisco Call Manager Denial of Service
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco Call Manager Privilege Escalation
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
IOS Stack Group Bidding Protocol Crafted Packet DoS
The Cisco IOS Stack Group Bidding Protocol SGBP feature in certain versions of Cisco IOS software is vulnerable to a remotely-exploitable denial of service condition. Devices that do not support or have not enabled the SGBP protocol are not affected by this vulnerability. Cisco has made free...
Access Point Memory Exhaustion from ARP Attacks
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Default Administrative Password in Cisco Security Monitoring, Analysis and Response System (CS-MARS)
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
IOS HTTP Server Command Injection Vulnerability
A vulnerability exists in the IOS HTTP server in which HTML code inserted into dynamically generated output, such as the output from a show buffers command, will be passed to the browser requesting the page. This HTML code could be interpreted by the client browser and potentially execute malicio...
Cisco Security Agent Vulnerable to Privilege Escalation
...
Fixed SNMP Communities and Open UDP Port in Cisco 7920 Wireless IP Phone
...
Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
Multiple Cisco products contain vulnerabilities in the processing of IPSec IKE Internet Key Exchange messages. These vulnerabilities were identified by the University of Oulu Secure Programming Group OUSPG "PROTOS" Test Suite for IPSec and can be repeatedly exploited to produce a denial of servic...
IOS Heap-based Overflow Vulnerability in System Timers
...