5218 matches found
Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Client Denial of Service Vulnerability
A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper memory...
Cisco Firepower Management Center Software Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to missing authorization for certain resources in the web-based management interface...
Cisco Firepower Threat Defense Software Generic Routing Encapsulation Denial of Service Vulnerability
A vulnerability in the generic routing encapsulation GRE tunnel decapsulation feature of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to a memory handling err...
Cisco Firepower Threat Defense Software SSL Decryption Policy Bleichenbacher Attack Vulnerability
A vulnerability in the TLS handler of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper implementation of countermeasures against a Bleichenbacher attack on a device that uses...
Cisco Firepower Management Center and Firepower Threat Defense Software SSH Denial of Service Vulnerability
A vulnerability in the processing of SSH connections of Cisco Firepower Management Center FMC and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper err...
Cisco Secure Firewall 3100 Series Secure Boot Bypass Vulnerability
A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance ASA Software or Cisco Firepower Threat Defense FTD Software could allow an unauthenticated attacker with physical access to the device to bypass the secure bo...
Cisco Firepower Threat Defense Software Privilege Escalation Vulnerability
A vulnerability in the management web server of Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an affected system. This vulnerability exists because access to HTTPS endpoints is not properly...
Cisco FirePOWER Software for ASA FirePOWER Module, Firepower Management Center Software, and NGIPS Software SNMP Default Credential Vulnerability
A vulnerability in the Simple Network Management Protocol SNMP access controls for Cisco FirePOWER Software for Adaptive Security Appliance ASA FirePOWER module, Cisco Firepower Management Center FMC Software, and Cisco Next-Generation Intrusion Prevention System NGIPS Software could allow an...
Cisco Firepower Threat Defense Software SIP and Snort 3 Detection Engine Denial of Service Vulnerability
A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a lack of error-checking when SIP bidirectional flows are being...
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Denial of Service Vulnerability
A vulnerability in the Simple Network Management Protocol SNMP feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerabili...
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Dynamic Access Policies Denial of Service Vulnerability
A vulnerability in dynamic access policies DAP functionality of Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. This...
Cisco Firepower Management Center Software Command Injection Vulnerabilities
Multiple vulnerabilities in the web management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. These vulnerabilities are due to insufficient validation of user-supplied...
Cisco Firepower Threat Defense Software and Cisco FXOS Software Command Injection Vulnerability
A vulnerability in the CLI of Cisco Firepower Threat Defense FTD Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper input validation for specific CLI commands...
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software VPN Authorization Bypass Vulnerability
A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due to...
Cisco BroadWorks CommPilot Application Software Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device or obtain confidential information from the Cisco BroadWorks server and other devices on...
Cisco Email Security Appliance and Cisco Secure Email and Web Manager HTTP Response Header Injection Vulnerability
A vulnerability in Cisco Email Security Appliance ESA and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to the failure of the application or its environment to properly sanitize input...
Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Next Generation Management Vulnerabilities
Multiple vulnerabilities in the next-generation UI management interface for Cisco Email Security Appliance ESA, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance WSA, could allow an attacker to elevate privileges or to conduct a SQL...
Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. This vulnerability is due to...
Cisco Identity Services Engine Insufficient Access Control Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to bypass authorization and access system files. This vulnerability is due to improper access control in the web-based management interface of an affected...
Cisco Identity Services Engine Path Traversal Vulnerability
A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to make unauthorized changes to the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this...
Cisco Identity Services Engine Software Resource Exhaustion Vulnerability
A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine ISE Software could allow an unauthenticated, remote attacker to negatively affect the performance of an affected device. This vulnerability is due to insufficient management of system resources. An attack...
Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Email Security Appliance ESA, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance WSA, could allow an authenticated, remote attacker to retrieve sensitive information from...
Cisco Email Security Appliance Denial of Service Vulnerability
A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of certain TLS connections that are processed by an...
Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. This vulnerability is due to insufficient CSRF...
Cisco Umbrella Stored Cross-Site Scripting Vulnerability
A vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the Cisco Umbrella dashboard. This vulnerability is due to unsanitized user input. An attacker could exploit this...
Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022
On November 1, 2022, the OpenSSL Project announced the following vulnerabilities: CVE-2022-3602 - X.509 Email Address 4-byte Buffer Overflow CVE-2022-3786 - X.509 Email Address Variable Length Buffer Overflow For a description of these vulnerabilities, see OpenSSL Security Advisory Nov 1 2022...
Cisco Identity Services Engine Unauthorized File Access Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to list, download, and delete files on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could explo...
Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about these vulnerabilities, see the...
Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of...
Cisco Identity Services Engine Cross-Site Scripting Vulnerability
A vulnerability in the External RESTful Services ERS API of Cisco Identity Services Engine ISE Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient input...
Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities
Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol LLDP for Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to execute code, cause the service to reload unexpectedly, or cause Cisco Discovery Protocol or LLDP database corrupti...
Cisco Enterprise NFV Infrastructure Software Improper Signature Verification Vulnerability
A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an unauthenticated, local attacker to provide an unauthentic upgrade file for upload. This vulnerability is due to insufficient cryptographic signature verification of upgrade...
Cisco BroadWorks Hosted Thin Receptionist Cross-Site Scripting Vulnerability
A vulnerability in the web management interface of Cisco BroadWorks Hosted Thin Receptionist could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient user input validation. An attacker cou...
Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to inadequate protection of sensitive user information. An attacker could exploit this...
Cisco Touch 10 Devices Downgrade Vulnerability
A vulnerability in the version control of Cisco TelePresence CE Software for Cisco Touch 10 Devices could allow an unauthenticated, adjacent attacker to install an older version of the software on an affected device. This vulnerability is due to insufficient version control. An attacker could...
Cisco Jabber Client Software Extensible Messaging and Presence Protocol Stanza Smuggling Vulnerability
A vulnerability in the Extensible Messaging and Presence Protocol XMPP message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling ...
Cisco Secure Web Appliance Content Encoding Filter Bypass Vulnerabilities
Multiple vulnerabilities in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly Cisco Web Security Appliance WSA, could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic onto a network that should have been blocked...
Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities
Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series Software and Cisco TelePresence Video Communication Server VCS Software could allow a remote attacker to bypass certificate validation or conduct cross-site request forgery attacks on an...
Cisco Touch 10 Devices Insufficient Identity Verification Vulnerability
A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device. This vulnerability is due to insufficient identity verification...
Cisco IOS and IOS XE Software SSH Denial of Service Vulnerability
A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit thi...
Cisco IOS XE Software Web UI Command Injection Vulnerability
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input...
Cisco Software-Defined Application Visibility and Control on Cisco vManage Authentication Bypass Vulnerability
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control SD-AVC on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC without authentication. This vulnerability exists because the GUI is accessible on...
Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway Denial of Service Vulnerability
A vulnerability in the DNS application layer gateway ALG functionality that is used by Network Address Translation NAT in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to a logic error that occurs when an...
Cisco IOS XE Software for Catalyst Switches MPLS Denial of Service Vulnerability
A vulnerability in the egress MPLS packet processing function of Cisco IOS XE Software for Cisco Catalyst 3650, Catalyst 3850, and Catalyst 9000 Family Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS...
Cisco IOS XE Software for Catalyst 9200 Series Switches Arbitrary Code Execution Vulnerability
A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to an improper check in the code function tha...
Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability
A vulnerability in the processing of malformed Common Industrial Protocol CIP packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service DoS condition...
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Information Disclosure Vulnerability
A vulnerability in the Simple Network Management Protocol SNMP of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to insufficient restrictions that allow a sensitive...
Cisco Software-Defined Application Visibility and Control on Cisco vManage Static Username and Password Vulnerability
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control SD-AVC on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC using a default static username and password combination. This vulnerability exists...
Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points Privilege Escalation Vulnerability
A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on the underlying operating system of the...