Cisco SD-WAN Arbitrary File Deletion Vulnerability

A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit...

Cisco Duo for macOS Authentication Bypass Vulnerability

A vulnerability in the smart card login authentication of Cisco Duo for macOS could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability exists because the assigned user of a smart card is not properly matched with the authenticating user. An attacke...

Cisco SD-WAN Software Arbitrary File Corruption Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands...

Cisco SD-WAN Software Privilege Escalation Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a...

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility Denial of Service Vulnerability

A vulnerability in the processing of Control and Provisioning of Wireless Access Points CAPWAP Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected...

Cisco Wireless LAN Controller AireOS Software FIPS Mode Denial of Service Vulnerability

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller WLC AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient error validation. An attacker coul...

Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability

A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to the improper processing of...

Cisco Catalyst 9100 Series Access Points Association Request Denial of Service Vulnerability

A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points APs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient input validation of certain...

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family DHCP Processing Denial of Service Vulnerability

A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to the improper processing of DHCP messages. An...

Cisco IOS XE ROM Monitor Software for Catalyst Switches Information Disclosure Vulnerability

A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor ROMMON Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot...

Cisco IOS XE Software IPv6 VPN over MPLS Denial of Service Vulnerability

A vulnerability in the implementation of IPv6 VPN over MPLS 6VPE with Zone-Based Firewall ZBFW of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling of an IP...

Cisco Access Points VLAN Bypass from Native VLAN Vulnerability

A vulnerability in the client forwarding code of multiple Cisco Access Points APs could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards...

Vulnerabilities in Layer 2 Network Security Controls Affecting Cisco Products: September 2022

On September 27, 2022, the following vulnerabilities affecting Cisco products were disclosed by Cert/CC as part of VU855201, titled L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers "https://kb.cert.org/vuls/id/855201": CVE-2021-27853: Layer 2 network filteri...

Cisco IOS XR Software Broadband Network Gateway PPP over Ethernet Denial of Service Vulnerability

A vulnerability in the Broadband Network Gateway PPP over Ethernet PPPoE feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to continually crash. This vulnerability exists because the PPPoE feature does not properly handle an error...

Cisco IOS XR Software Cisco Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the Cisco Discovery Protocol process to reload on an affected device. This vulnerability is due to a heap buffer overflow in certain Cisco Discovery...

Cisco Network Convergence System 4000 Series TL1 Denial of Service Vulnerability

A vulnerability in the TL1 function of Cisco Network Convergence System NCS 4000 Series could allow an authenticated, local attacker to cause a memory leak in the TL1 process. This vulnerability is due to TL1 not freeing memory under some conditions. An attacker could exploit this vulnerability b...

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers IPSec VPN Server Authentication Bypass Vulnerability

A vulnerability in the IPSec VPN Server authentication functionality of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to bypass authentication controls and access the IPSec VPN network. This vulnerability is due to the improper...

Cisco SD-WAN vManage Software Unauthenticated Access to Messaging Services Vulnerability

A vulnerability in the binding configuration of Cisco SD-WAN vManage Software containers could allow an unauthenticated, adjacent attacker who has access to the VPN0 logical network to also access the messaging service ports on an affected system. This vulnerability exists because the messaging...

Cisco Webex Meetings App Character Interface Manipulation Vulnerability

A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. This vulnerability exists because the affected software does not properly handle character...

Cisco Meraki MR Series Splash Page Insecure Configuration Option

A configuration option for the Splash Page feature also known as Captive Portal in Cisco Meraki MR Series devices may allow an administrator to configure an 802.11 WLAN in which traffic policies are not applied to clients that are connecting to the network. The insecure configuration is determine...

Vulnerability in NVIDIA Data Plane Development Kit Affecting Cisco Products: August 2022

On August 29, 2022, NVIDIA announced the following vulnerability with a medium impact: CVE-2022-28199: Security Bulletin: NVIDIA Data Plane Development Kit MLNXDPDK - August 2022 For a description of this vulnerability, see Security Bulletin: NVIDIA Data Plane Development Kit MLNXDPDK - August 20...

Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability

A vulnerability in the OSPF version 3 OSPFv3 feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could...

Cisco FXOS Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The attacker would need to have Administrator privileges on the device. This vulnerability is due to insufficient input validation of...

Cisco FXOS and NX-OS Software Cisco Discovery Protocol Denial of Service and Arbitrary Code Execution Vulnerability

A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service DoS condition on an affected device. This vulnerability is due to...

Cisco ACI Multi-Site Orchestrator Privilege Escalation Vulnerability

A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator MSO could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sendi...

Cisco Secure Web Appliance Privilege Escalation Vulnerability

A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web Security Appliance WSA, could allow an authenticated, remote attacker to perform a command injection and elevate privileges to root. This vulnerability is due to insufficient...

Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Web Client Services Client-Side Request Smuggling Vulnerability

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is du...

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability

A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key...

Cisco Small Business RV Series Routers Vulnerabilities

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service DoS condition on an affected device. For more information about these vulnerabilities, see the...

Cisco Unified Communications Manager Arbitrary File Deletion Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to delete arbitrary files from an affected system. This...

Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability

A vulnerability in the External RESTful Services ERS API of Cisco Identity Services Engine ISE Software could allow an authenticated, remote attacker to obtain sensitive information. This vulnerability is due to excessive verbosity in a specific REST API output. An attacker could exploit this...

Cisco BroadWorks Application Delivery Platform Software Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based management...

Cisco Webex Meetings Web Interface Vulnerabilities

Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting XSS attack or a frame hijacking attack against a user of the web interface. For more information about these vulnerabilities, see the Details "details" section of...

Cisco Nexus Dashboard SSL Certificate Validation Vulnerability

A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information. This vulnerability exists because SSL server certificates are not validated when Cisco Nexus...

Cisco IoT Control Center Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco IoT Control Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly...

Cisco Nexus Dashboard Arbitrary File Write Vulnerability

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to insufficient input validation in the web-based management interface of Cisco Nexus Dashboard. An attacker with Administrator...

Cisco Identity Services Engine Administrator Password Lifetime Expiration Issue

An issue in the Password Policy settings of Cisco Identity Services Engine ISE could allow an administrator to use expired credentials to gain access to the web management interface. When the Password Lifetime setting for the administrator password policy is used to set the password to expire, th...

Cisco Nexus Dashboard Privilege Escalation Vulnerabilities

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these...

Cisco Nexus Dashboard Unauthorized Access Vulnerabilities

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the Details "details" sectio...

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

Cisco Unified Communications Products Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, and Cisco Unity Connection could...

Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability

A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint CE and RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to the storage of certain unencrypted credentials...

Cisco Unified Communications Products Timing Attack Vulnerability

A vulnerability in Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, and Cisco Unity Connection could allow an unauthenticated, remote attacker to perform a timing attack. This vulnerability is due to insufficient...

Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning attacks on an affected device. Note: Cisco...

Cisco Unified Communications Products Access Control Vulnerability

A vulnerability in the Disaster Recovery framework of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, and Cisco Unity Connection could allow an authenticated, remote attacker to perform certain administrative actions the...

Cisco Unified Communications Products Arbitrary File Read Vulnerability

A vulnerability in the database user privileges of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an authenticated, remote...

Cisco Unified Communications Products Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified CM Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to...

Cisco Smart Software Manager On-Prem Denial of Service Vulnerability

A vulnerability in Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to incorrect handling of multiple simultaneous device registrations on Cisco SSM On-Prem. A...

Cisco Unified Communications Manager Arbitrary File Read Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of a...

Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software Client-side Arbitrary Code Execution Vulnerability

A vulnerability in the packaging of Cisco Adaptive Security Device Manager ASDM images and the validation of those images by Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious...