
5218 matches found

Cisco
•added 2020/05/06 4:0 p.m.•28 views

Cisco Firepower Device Manager On-Box Software XML Parsing Vulnerability

A vulnerability in the XML parser code of Cisco Firepower Device Manager On-Box software could allow an authenticated, remote attacker to cause an affected system to become unstable or reload. The vulnerability is due to insufficient hardening of the XML parser configuration. An attacker could...

CVSS 5.5 | AI score 5.3 | EPSS 0.00423
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•36 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilities

Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The...

CVSS 8.6 | AI score 7.8 | EPSS 0.01156
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•29 views

Cisco Firepower Management Center Arbitrary Log File Write Vulnerability

A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to write arbitrary entries to the log file on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability...

CVSS 5.3 | AI score 5.3 | EPSS 0.00164
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•23 views

Cisco Firepower Management Center Cross-Site Scripting Vulnerability

A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the FMC Software. The vulnerability is due to insufficient validatio...

CVSS 6.5 | AI score 6 | EPSS 0.00133
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•37 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability

A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The...

CVSS 8.6 | AI score 8.4 | EPSS 0.0104
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•36 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed OSPF Packets Processing Denial of Service Vulnerability

A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the reload of an affected device, resulting in a denial of service (DoS)...

CVSS 8.6 | AI score 8.2 | EPSS 0.01156
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•26 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability

A vulnerability in the Open Shortest Path First (OSPF) implementation in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to incorrect...

CVSS 8.6 | AI score 8.1 | EPSS 0.01311
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•22 views

Cisco Content Security Management Appliance Open Redirect Vulnerabilities

Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of the parameters of an...

CVSS 6.1 | AI score 6.5 | EPSS 0.00249
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•23 views

Cisco Firepower Threat Defense Software Management Access List Bypass Vulnerability

A vulnerability in the management access list configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured management interface access list on an affected system. The vulnerability is due to the configuration of different...

CVSS 5.3 | AI score 5.4 | EPSS 0.00184
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•37 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential...

CVSS 7.5 | AI score 7.8 | EPSS 0.69725
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•39 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust memory resources on the affected device, leading to a...

CVSS 8.6 | AI score 8.5 | EPSS 0.01869
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•24 views

Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerability

A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL. The vulnerability i...

CVSS 5.8 | AI score 5.8 | EPSS 0.00205
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•26 views

Cisco Firepower Threat Defense Software Shell Access Vulnerability

A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature...

CVSS 6.7 | AI score 6.5 | EPSS 0.00034
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•25 views

Cisco Firepower Device Manager On-Box Software Arbitrary File Overwrite Vulnerability

A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could exploit this...

CVSS 6.5 | AI score 6.7 | EPSS 0.00878
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•18 views

Cisco Umbrella Carriage Return Line Feed Injection Vulnerability

A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote attacker to perform a carriage return line feed (CRLF) injection attack against a user of an affected service. The vulnerability is due to insufficient validation of user input. An attacker could exploit this...

CVSS 4.7 | AI score 2.1 | EPSS 0.00161
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•25 views

Cisco Firepower Management Center Static Credential Vulnerabilities

Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower User Agent Software could allow an attacker to access a sensitive part of an affected system with a high-privileged account. For more information about these vulnerabilities, see the Details section of...

CVSS 8.1 | AI score 6.3
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•31 views

Cisco Firepower Threat Defense Software Management Interface Denial of Service Vulnerability

A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition...

CVSS 5.3 | AI score 5.5 | EPSS 0.00555
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•22 views

Cisco Hosted Collaboration Mediation Fulfillment XML External Expansion Vulnerability

A vulnerability in the web-based management interface of Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. To exploit this vulnerability, an attacker would need...

CVSS 4.9 | AI score 0.9 | EPSS 0.00341
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•37 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper...

CVSS 6.8 | AI score 6.6 | EPSS 0.00459
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•31 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service Vulnerability

A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to...

CVSS 6.8 | AI score 6.6 | EPSS 0.00596
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•25 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Denial of Service Vulnerability

A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing ...

CVSS 6.8 | AI score 6.7 | EPSS 0.00233
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•27 views

Cisco Firepower Management Center Open Redirect Vulnerability

A vulnerability in the web interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this...

CVSS 4.3 | AI score 5.4 | EPSS 0.00263
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•26 views

Cisco Firepower 2100 Series Security Appliances ARP Denial of Service Vulnerability

A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in ...

CVSS 7.4 | AI score 7.3 | EPSS 0.00101
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•30 views

Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Firepower Threat Defense (FTD) Software when running on the Cisco Firepower 1000 Series platform could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected...

CVSS 8.6 | AI score 8.7 | EPSS 0.01311
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•48 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted...

CVSS 9.1 | AI score 9 | EPSS 0.94299
Exploits: 4 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•50 views

Cisco Adaptive Security Appliance Software Kerberos Authentication Bypass Vulnerability

A vulnerability in the Kerberos authentication feature of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to impersonate the Kerberos key distribution center (KDC) and bypass authentication on an affected device that is configured to perform Kerberos...

CVSS 8.1 | AI score 8.4 | EPSS 0.01172
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•49 views

Cisco Firepower Threat Defense Software Signature Verification Bypass Vulnerability

A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper...

CVSS 4.9 | AI score 5.2 | EPSS 0.0008
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•27 views

Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP...

CVSS 5.8 | AI score 5.6 | EPSS 0.01101
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•27 views

Cisco IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Role-Based Access Control Vulnerability

A vulnerability in role-based access control of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow a read-only authenticated, remote attacker to disable user accounts on an affected system. The vulnerability is due to...

CVSS 4.3 | AI score 4.8 | EPSS 0.00139
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•18 views

Cisco Firepower Threat Defense Software Information Disclosure Vulnerability

A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data on an affected device. The vulnerability is due to insufficient application identification. An...

CVSS 5.8 | AI score 6.5 | EPSS 0.0055
Exploits: 0 | References: 1
Cisco
•added 2020/05/06 4:0 p.m.•22 views

Cisco Firepower Management Center File Overwrite Vulnerability

A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to overwrite files on the file system of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by...

CVSS 6.8 | AI score 7.2 | EPSS 0.00527
Exploits: 0 | References: 1
Cisco
•added 2020/04/29 4:0 p.m.•28 views

Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to...

CVSS 7.8 | AI score 7.6 | EPSS 0.00101
Exploits: 0 | References: 1
Cisco
•added 2020/04/15 4:0 p.m.•31 views

Cisco Wireless LAN Controller CAPWAP Denial of Service Vulnerability

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol handler of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficien...

CVSS 8.6 | AI score 1.5 | EPSS 0.01407
Exploits: 0 | References: 1
Cisco
•added 2020/04/15 4:0 p.m.•30 views

Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data

Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details...

CVSS 9.8 | AI score 8.4 | EPSS 0.90196
Exploits: 7 | References: 1
Cisco
•added 2020/04/15 4:0 p.m.•23 views

Cisco Unified Communications Manager Path Traversal Vulnerability

A vulnerability in the Tool for Auto-Registered Phones Support (TAPS) of Cisco Unified Communications Manager (UCM) and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct directory traversal attacks on an affected device. The...

CVSS 7.5 | AI score 2.6 | EPSS 0.00948
Exploits: 0 | References: 1
Cisco
•added 2020/04/15 4:0 p.m.•45 views

Cisco IP Phones Web Server Remote Code Execution and Denial of Service Vulnerability

A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HT...

CVSS 9.8 | AI score 9.5 | EPSS 0.87094
Exploits: 4 | References: 1
Cisco
•added 2020/04/15 4:0 p.m.•17 views

Cisco IoT Field Network Director Denial of Service Vulnerability

A vulnerability in the Constrained Application Protocol (CoAP) implementation of Cisco IoT Field Network Director could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation of incoming Co...

CVSS 7.5 | AI score 2.5 | EPSS 0.01416
Exploits: 0 | References: 1
Cisco
•added 2020/04/15 4:0 p.m.•28 views

Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerability

A vulnerability in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists due to insufficient validation of certain elements with a Webex recording...

CVSS 7.8 | AI score 1.9 | EPSS 0.00789
Exploits: 0 | References: 1
Cisco
•added 2020/04/15 4:0 p.m.•18 views

Cisco Mobility Express Software Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Mobility Express Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based managemen...

CVSS 8.1 | AI score 1.5 | EPSS 0.00293
Exploits: 0 | References: 1
Cisco
•added 2020/04/15 4:0 p.m.•32 views

Cisco Wireless LAN Controller 802.11 Generic Advertisement Service Denial of Service Vulnerability

A vulnerability in the 802.11 Generic Advertisement Service (GAS) frame processing function of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS). The vulnerability is due to incomple...

CVSS 8.6 | AI score 1.2 | EPSS 0.00641
Exploits: 0 | References: 1
Cisco
•added 2020/04/15 4:0 p.m.•23 views

Cisco Aironet Series Access Points Client Packet Processing Denial of Service Vulnerability

A vulnerability in Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper processing of client packets that are sent to an affected access point (AP). An...

CVSS 7.4 | AI score 1.1 | EPSS 0.00308
Exploits: 0 | References: 1
Cisco
•added 2020/03/18 4:0 p.m.•18 views

Cisco SD-WAN Solution Privilege Escalation Vulnerability

A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to ...

CVSS 7 | AI score 7 | EPSS 0.00147
Exploits: 0 | References: 1
Cisco
•added 2020/03/18 4:0 p.m.•28 views

Cisco SD-WAN Solution Command Injection Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating ...

CVSS 7.8 | AI score 3.1 | EPSS 0.00176
Exploits: 0 | References: 1
Cisco
•added 2020/03/18 4:0 p.m.•21 views

Cisco SD-WAN Solution vManage Stored Cross-Site Scripting Vulnerability

A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient validation of...

CVSS 5.5 | AI score 5 | EPSS 0.00239
Exploits: 0 | References: 1
Cisco
•added 2020/03/18 4:0 p.m.•23 views

Cisco SD-WAN Solution vManage SQL Injection Vulnerability

A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web UI improperly validates SQL values. An attacker could exploit this vulnerability b...

CVSS 5.4 | AI score 1.3 | EPSS 0.07193
Exploits: 0 | References: 1
Cisco
•added 2020/03/18 4:0 p.m.•30 views

Cisco SD-WAN Solution Buffer Overflow Vulnerability

A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device...

CVSS 7.1 | AI score 7.1 | EPSS 0.00144
Exploits: 1 | References: 1
Cisco
•added 2020/03/04 4:0 p.m.•29 views

Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements within a Webex...

CVSS 7.8 | AI score 1.7 | EPSS 0.00598
Exploits: 0 | References: 1
Cisco
•added 2020/03/04 4:0 p.m.•30 views

Cisco Email Security Appliance Uncontrolled Resource Exhaustion Vulnerability

A vulnerability in the malware detection functionality in Cisco Advanced Malware Protection (AMP) in Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated remote attacker to exhaust resources on an affected device. The vulnerability is due to insufficient...

CVSS 6.5 | AI score 1.8 | EPSS 0.00525
Exploits: 0 | References: 1
Cisco
•added 2020/03/04 4:0 p.m.•17 views

Cisco Prime Collaboration Provisioning Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to obtain sensitive information about an affected device. The vulnerability exists because replies from the web-based management interface include...

CVSS 5.3 | AI score 1.3 | EPSS 0.00881
Exploits: 0 | References: 1
Cisco
•added 2020/03/04 4:0 p.m.•22 views

Cisco Webex Meetings Client for MacOS Information Disclosure Vulnerability

A vulnerability in the multicast DNS (mDNS) protocol configuration of Cisco Webex Meetings Client for MacOS could allow an unauthenticated adjacent attacker to obtain sensitive information about the device on which the Webex client is running. The vulnerability exists because sensitive information ...

CVSS 4.3 | AI score 1.4 | EPSS 0.00208
Exploits: 0 | References: 1
Total number of security vulnerabilities: 5218