Cisco Industrial Network Director Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Industrial Network Director IND could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...

Cisco IOS XR Software Secure Shell Authentication Vulnerability

A vulnerability in the Secure Shell SSH authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of...

Cisco Webex Meetings Server Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to access sensitive system information. The vulnerability is due to improper access control to files within the web-based management interface. An attacker could...

Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Enterprise Chat and Email ECE Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An...

Cisco Prime Infrastructure and Evolved Programmable Network Manager Path Traversal Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network EPN Manager software could allow an authenticated, remote attacker to download and view files within the application that should be restricted. This vulnerability is due to...

Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)

Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to insufficient validation of arguments passed to...

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1783)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments...

Cisco NX-OS Software Patch Signature Verification Bypass Vulnerability

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signature...

Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability

A vulnerability in the Border Gateway Protocol BGP Multiprotocol Label Switching MPLS-based Ethernet VPN EVPN implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service DoS condition on an affected device. The vulnerability is due to a...

Cisco Video Surveillance Manager Web-Based Management Interface Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Video Surveillance Manager could allow an unauthenticated, remote attacker to access sensitive information. The vulnerability is due to improper validation of parameters handled by the web-based management interface. An attacker could...

Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must...

Cisco Identity Services Engine Arbitrary Client Certificate Creation Vulnerability

A vulnerability in the External RESTful Services ERS API of the Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to generate arbitrary certificates signed by the Internal Certificate Authority CA Services on ISE. This vulnerability is due to an incorrect...

Cisco NX-OS Software Remote Package Manager Command Injection Vulnerability

A vulnerability in the Remote Package Manager RPM subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check, time-of-use TOCTOU race condition to corrupt local variables, which could lead to arbitrary command injectio...

Cisco FXOS and NX-OS Software Secure Configuration Bypass Vulnerability

A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of...

Cisco Firepower Threat Defense Software Detection Engine Policy Bypass Vulnerability

A vulnerability in the detection engine of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured access control policies. The vulnerability is due to improper validation of ICMP packets. An attacker could exploit this vulnerability by...

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1791)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of...

Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1780)

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to...

Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities

Multiple vulnerabilities in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary...

Cisco Nexus 3000 Series and 9000 Series Switches in NX-OS Mode CLI Command Software Image Signature Verification Vulnerability

A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Nexus 3000 Series and 9000 Series Switches could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The...

Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow a remote attacker to gain the ability to execute arbitrary code with elevated privileges on the underlying operating system. One of these...

Cisco NX-OS Software Line Card Command Injection Vulnerability (CVE-2019-1769)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system of an attached line card with the privilege level of root. The vulnerability is due to insufficient...

Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries. These vulnerabilities exist because the software improperly validates...

Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability

A vulnerability in the Multiprotocol Label Switching MPLS Operations, Administration, and Maintenance OAM implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service DoS condition o...

Cisco NX-OS Software SSH Key Information Disclosure Vulnerability

A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The...

Cisco NX-OS Software Python Parser Privilege Escalation Vulnerability

Update from August 25, 2021: Cisco found that this vulnerability was present in additional releases of Cisco NX-OS Software with the introduction of Python 3 support. For more information, see the Fixed Software "fs" section of this advisory. A vulnerability in the Python scripting subsystem of...

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI...

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to...

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command ...

Cisco Prime Infrastructure and Evolved Programmable Network Manager Path Traversal Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network EPN Manager software could allow an authenticated, remote attacker to download and view files within the application that should be restricted. This vulnerability is due to...

Cisco NX-OS Software Command Injection Vulnerabilities (CVE-2019-1774, CVE-2019-1775)

Multiple vulnerabilities in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to insufficient validation of arguments passed to certain CLI commands. An...

Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1779)

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments...

Cisco Firepower Threat Defense Software SSL/TLS Policy Bypass Vulnerability

A vulnerability in the Secure Sockets Layer SSL/Transport Layer Security TLS protocol parser of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured policies. The vulnerability is due to improper parsing of specific attributes in a TLS...

Cisco MDS 9700 Series Multilayer Directors and Nexus 7000/7700 Series Switches Software Patch Signature Verification Vulnerability

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signature...

Cisco Small Business Series Switches Simple Network Management Protocol Denial of Service Vulnerability

A vulnerability in the Simple Network Management Protocol SNMP input packet processor of Cisco Small Business Sx200, Sx300, Sx500, ESW2 Series Managed Switches and Small Business Sx250, Sx350, Sx550 Series Switches could allow an authenticated, remote attacker to cause the SNMP application of an...

Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability

A vulnerability in the NX API NX-API Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the NX-API Sandbox interface of an affected device. The vulnerability is due to insufficient validation of...

Cisco Small Business 300 Series Managed Switches DHCP Denial of Service Vulnerability

A vulnerability in the interactions between the DHCP and TFTP features for Cisco Small Business 300 Series Sx300 Managed Switches could allow an unauthenticated, remote attacker to cause the device to become low on system memory, which in turn could lead to an unexpected reload of the device and...

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1770)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments...

Cisco NX-OS CLI Command Software Image Signature Verification Vulnerabilities

Multiple vulnerabilities in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerabilities exist because software digital signatures...

Cisco Webex Network Recording Player Arbitrary Code Execution Vulnerabilities

Multiple vulnerabilities in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly validates Advance...

Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed ...

Cisco AnyConnect Secure Mobility Client for Linux Out-of-Bounds Memory Read Vulnerability

A vulnerability in the HostScan component of Cisco AnyConnect Secure Mobility Client for Linux could allow an unauthenticated, remote attacker to read sensitive information on an affected system. The vulnerability exists because the affected software performs improper bounds checks. An attacker...

Cisco FXOS and NX-OS Software Sensitive File Read Information Disclosure Vulnerability

A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance...

Cisco NX-OS Software Arbitrary File Overwrite Vulnerability

A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. These file overwrites by the attacker are accomplished at the root...

Cisco FXOS and NX-OS Software Simple Network Management Protocol Denial of Service Vulnerability

A vulnerability in the Simple Network Management Protocol SNMP input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly...

Cisco Unified Intelligence Center Remote File Injection Vulnerability

A vulnerability in the dashboard gadget rendering of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to obtain or manipulate sensitive information between a user’s browser and Cisco Unified Intelligence Center. The vulnerability is due to the lack of gadget...

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI comman...

Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1778)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI comman...

Cisco Prime Infrastructure and Evolved Programmable Network Manager Path Traversal Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network EPN Manager software could allow an authenticated, remote attacker to download and view files within the application that should be restricted. This vulnerability is due to...

Cisco Secure Boot Hardware Tampering Vulnerability

A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that...